======HOW TO CONFIGURE ADVANCED ACL====== The interconnection between different departments on a company network is implemented through the 1000 Mbps port of the switch. The IP addresss of the payment query server of the Financial Dept. Is 129.110.1.2 Financial Dept is accessed using Gigabit Ethernet 1/0/50 it is required to properly configure the ACL and limit Financial Dept access to the payment query server between 8:00 and 18:00. =====Define the work time range===== Define time range from 8:00 to 18:00 [sw5500] time-tange 3Com 8:00 to 18:00 working-day =====Define the ACL to access the payment server===== ====Enter the numbered advanced ACL, number as 3000==== [sw5500] acl number 3000 match-order config ====Define the rules for other department to access the payment server==== [sw5500-acl-adv-3000] rule 1 deny ip source any destination 129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0 =====Activate ACL===== Activate the ACL 3000 [sw5500-GigabitEthernet1/0/50]packet-filter inbound ip-group 3000 --- //[[nce@itclatam.com|David Gonzalez]] 2021/03/29 10:23//