Cisco 3550 config ACL to only permit specific addresses to the switch

Hello everyone

I need some help configuring ACL on a 3550

Here what I need to do

I have the 3550  with only the default VLAN configured on it.  VLAN IP address is  

The switch is connect to the backbone switch which has many other VLANs with the following IP addresses,, etc

I need to only allow specific addresses from those VLANs on the backbone switch to access devices located in the default VLAN of the 3550 and at the same time allowing any devices on the 3550 to access everything everywhere.

How should I configure the ACL on the 3550

if you need more info, just let me know



Who is Participating?
John MeggersConnect With a Mentor Network ArchitectCommented:
access-list 100 deny ip <source> <wildcard_mask>
access-list 100 permit ip <source> <wildcard_mask>

interface vlan 1
ip access-group 100 in

put any deny statements in front if needed.  There's an implicit "deny ip any any" statement at the end of the ACL so make sure you have at least some permit statements or nothing will be allowed.

I'm pretty sure object-groups are not supported on that platform (may depend on the IOS version) but they make life much easier with ACLs.
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.