пытаюсь настроить ACL - закрыть одну подсеть от другой.
ACL:
access-list 1 deny 10.0.0.0 0.255.255.255
access-list 1 permit any
fastEthernet 0/2:
interface FastEthernet0/2
description LAN
switchport access vlan 10
switchport mode access
на интерфейсе пытаюсь применить ip access-group 101 out, но не получается - доступен тока "in"
в доках вычитал: "For Layer 2 port ACLs, the switch does not support logging or outbound ACLs."
как быть ?
----------
show ver
Cisco IOS Software, C3550 Software (C3550-I5Q3L2-M), Version 12.2(25)SE, RELEASE SOFTWARE (fc)
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Wed 10-Nov-04 18:07 by yenanh
ROM: Bootstrap program is C3550 boot loader
main-switch uptime is 1 week, 20 hours, 45 minutes
System returned to ROM by power-on
System restarted at 15:39:54 IRKT Mon Dec 12 2005
System image file is "flash:/c3550-i5q3l2-mz.122-25.SE.bin"
Cisco WS-C3550-24 (PowerPC) processor (revision M0) with 65526K/8192K bytes of memory.
Processor board ID CAT0825Z39E
Last reset from warm-reset
Running Layer2/3 Switching Image
Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces
Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces
Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.
384K bytes of flash-simulated NVRAM.
Base ethernet MAC Address:
Motherboard assembly number: 73-5700-11
Power supply part number: 34-0966-04
Motherboard serial number: CAT08230P25
Power supply serial number: LIT081004M9
Model revision number: M0
Motherboard revision number: A0
Model number: WS-C3550-24-SMI
System serial number: CAT0825Z39E
Configuration register is 0x10F
Вариант для распечатки
Маршрутизаторы CISCO и др. оборудование. (Public)
(ok) on
20-Дек-05, 08:12 (MSK)
