We help IT Professionals succeed at work.

Is it possible to configure Access List for a port on Cisco 2924 switch

jcrdsl77
jcrdsl77 asked
on
I have very limited knowledge of Cisco switches.  However, we have a Cisco 2924C-XL  switch.  We have 15 computers connected to it.   Wanted to know if its possible to configure an access-list to block access on a single port of the switch?

We have one computer to which we'd like to block several computers from having access to.   I know that this is possible with the software firewall on this system, but, wanted to use the switch if possible.
Comment
Watch Question

Yes you can create a V-LAN but it would depend upon the IOS version being used. Check out at below site for more information. http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/releasesa4/rn/78607501.html

Commented:
I believe you can do that on this switch, as far as remember this is a Layer-2 switch with minimal layer-2 security features (if any at all).
Les MooreSr. Systems Engineer
Top Expert 2008

Commented:
Basically, no.
You cannot create access-lists on this switch. It is a very old, very basic, layer 2 switch.

Commented:
My initial post should have read ...

"I believe you CANT do that on this switch, as far as remember this is a Layer-2 switch with minimal layer-2 security features (if any at all)."

Author

Commented:
Since we're talking about Layer 2, then, is it possible to restrict access of a certain port on the switch using mac addresses?  I've already googled mac address filtering and haven't found anything .
Sr. Systems Engineer
Top Expert 2008
Commented:
Not on the old 2924XL
Most modern IOS based L2 switches, yes, but it's all or nothing. Meaning you cannot block a MAC address A from talking to MAC address B. It's block it all or allow it all.

Author

Commented:
So, I'm guessing with this old switch, 2 vlans would have to be setup and to use access lists, a router would have to be used to allow or block traffic correct ?
Les MooreSr. Systems Engineer
Top Expert 2008

Commented:
Correct.