ACCESS LIST

[duster123]

Applying acls to my 2950 switch is frustrating the hell out of me. this in one acl i created.

AASH2950#sh ip access-list
Extended IP access list 102
deny tcp host 9.9.9.15 host 9.9.9.2 eq telnet
permit tcp any any

**After i create that access list i tried to apply it to a ethernet port and i get the followin error:

AASH2950(config)#int fa0/1
AASH2950(config-if)#ip access-group 102 in
^
% Invalid input detected at '^' marker.

** I then try to apply it to a Vlan 1 and get this error:
AASH2950(config-if)# vlan 1
AASH2950(config-vlan)# ip access-group 102 in
% Invalid input detected at '^' marker.



**** when trying to apply to the interface the IP is not a recoginzed word and the other access is not a recognized word. I even copy the exact example from cisco website and get the same error. I NEED HELP

 

[vipergg]

try this

http://www.cisco.com/en/US/products...figuration_guide_chapter09186a008007e8ed.html

 

[duster123]

thats exactly the document i got my examples from

 

[vipergg]

If you don't have the enhanced image which is probably your problem you cannot do acl's on a 2950.

 

[duster123]

Below is my show version command. How can i tell if i have the enhanced version?


****** Unauthorized access Prohibited*****

User Access Verification

Password:
AASH2950>sh version
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(13)EA1c, RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 24-Jun-03 17:31 by yenanh
Image text-base: 0x80010000, data-base: 0x805A8000

ROM: Bootstrap program is CALHOUN boot loader

AASH2950 uptime is 3 hours, 32 minutes
System returned to ROM by power-on
System image file is "flash:c2950-i6q4l2-mz.121-13.EA1c.bin"

cisco WS-C2950-24 (RC32300) processor (revision E0) with 20839K bytes of memory.
Processor board ID FOC0633Y0VW
Last reset from system-reset
Running Standard Image
24 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address:
Motherboard assembly number: 73-5781-10
Power supply part number: 34-0965-01
Motherboard serial number: @#########
Power supply serial number: PHI062609EV
Model revision number: E0
Motherboard revision number: B0
Model number: WS-C2950-24
System serial number: F#########
Configuration register is 0xF

AASH2950>

 

[duster123]

I just upgraded the ios on the switch; here is my new show ver


AASH2950#sh version
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8a, RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 28-Jul-06 15:16 by weiliu
Image text-base: 0x80010000, data-base: 0x8056A000

ROM: Bootstrap program is C2950 boot loader

AASH2950 uptime is 6 minutes
System returned to ROM by power-on
System image file is "flash:c2950-i6q4l2-mz.121-22.EA8a.bin"

cisco WS-C2950-24 (RC32300) processor (revision E0) with 21004K bytes of memory.
Processor board ID FOC0633Y0V
Last reset from system-reset
Running Standard Image
24 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:0A:B7:74:80
Motherboard assembly number: 73-57810
Power supply part number: 34-0965-01
Motherboard serial number: FOC063
--More--

 

[vipergg]

If you look at your show version it tells you that you are running standard image . There is no way around this , the IOS is the same for all 2950 models but the software recognizes what switch it is and installs the required image , the switch you have is standard image only , WS-2950-24.

 

[duster123]

But if i can create acl why is it i cant apply them to an interface? that makes no sense i can create acls but when i apply it i get errors