So I am not too familiar with switch ACLs; I have mainly used ASA or PIX.
But I have an environment where I want to do switch-based ACL security. I have a 3550 with Std Multilayer Image.
There is a single server on this switch, and my security goal is to block all TCP/UDP ports except for FTP.
So far everything I tried doesn't work.
This is what I have tried so far:

conf t
interface FastEthernet 0/2
 ip access-group 150 in
 exit
access-list 150 deny ip any any
access-list 150 permit tcp any any eq ftp
exit

The above config ends up blocking all access, and FTP will not get through.