Switch ACL config (3550-SMI)

So I am not too familiar with switch ACLs, I mainly used ASA or PIX.

But I have an environment where I want to do switch-based ACL security. I have a 3550 with Std Multilayer Image.

There is a single server on this switch, and my security goal is to block all tcp/udp ports except for FTP.

So far everything I tried doesn't work.

This is what I have tried so far:

conf t interface FastEthernet 0/2 ip access-group 150 in exit access-list 150 deny ip any any access-list 150 permit tcp any any eq ftp exit

The above config ends up blocking all access, and ftp will not get through.

Reply to
Loading thread data ...

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.