Table of Contents

HOW TO CONFIGURE ADVANCED ACL

The interconnection between different departments on a company network is implemented through the 1000 Mbps port of the switch. The IP addresss of the payment query server of the Financial Dept. Is 129.110.1.2 Financial Dept is accessed using Gigabit Ethernet 1/0/50 it is required to properly configure the ACL and limit Financial Dept access to the payment query server between 8:00 and 18:00.

Define the work time range

Define time range from 8:00 to 18:00

[sw5500] time-tange 3Com 8:00 to 18:00 working-day

Define the ACL to access the payment server

Enter the numbered advanced ACL, number as 3000

[sw5500] acl number 3000 match-order config

Define the rules for other department to access the payment server

[sw5500-acl-adv-3000] rule 1 deny ip source any destination
129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0

Activate ACL

Activate the ACL 3000

[sw5500-GigabitEthernet1/0/50]packet-filter inbound ip-group 3000

David Gonzalez 2021/03/29 10:23