Switch ACL config (3550-SMI)

So I am not too familiar with switch ACLs, I mainly used ASA or PIX.

But I have an environment where I want to do switch-based ACL security. I have a 3550 with Std Multilayer Image.

There is a single server on this switch, and my security goal is to block all tcp/udp ports except for FTP.

So far everything I tried doesn't work.

This is what I have tried so far:

conf t interface FastEthernet 0/2 ip access-group 150 in exit access-list 150 deny ip any any access-list 150 permit tcp any any eq ftp exit

The above config ends up blocking all access, and ftp will not get through.

Reply to
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.