?
Solved

What does this mean in a Cisco Switch Config?

Posted on 2013-12-23
3
Medium Priority
?
925 Views
Last Modified: 2013-12-23
We are upgrading from a 3550 to a 3750 switch, and the only thing in the config I don't understand is this.

3550
ip access-list extended CMP-NAT-ACL
 dynamic Cluster-HSRP deny   ip any any
 dynamic Cluster-NAT permit ip any any

Open in new window


If I try to enter it into the 3750 I get this error.
% Only one dynamic entry can be configured per ACL.

Open in new window

and the config is saved at this.
ip access-list extended CMP-NAT-ACL
 dynamic Cluster-HSRP deny   ip any any

Open in new window


What does this policy do?  What should it be?
0
Comment
Question by:pamsauto
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 39736716
So the first place I would point you to is this Cisco article on HSRP with a 3560 switch -
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_52_se/configuration/guide/swhsrp.html

and its corresponding document for the 3750
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_55_se/configuration/guide/swhsrp.html

Are you using HSRP?
0
 

Author Comment

by:pamsauto
ID: 39736727
We only have one internet connection, so I would say no to using HSRP.
0
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 2000 total points
ID: 39736738
Then, in my opinion, you can completely ignore this bit of the configuration unless there are other bits of the ACL you need.

But if you're not using HSRP, you can ignore the dynamic entries listed in your question.
0

Featured Post

Video: Liquid Web Managed WordPress Comparisons

If you run run a WordPress, you understand the potential headaches you may face when updating your plugins and themes. Do you choose to update on the fly and risk taking down your site; or do you set up a staging, keep it in sync with your live site and use that to test updates?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question