- Posts: 6
- Thank you received: 0
CISCO 3550 Questions
 17 years 5 months ago #26035
by vegeetz
CISCO 3550 Questions was created by vegeetz 
        Hi,
I just got this 3550 (3550-48 EMI) in and I had a few questions hopefully some of you guys or gals out there can spare a few minutes and help me.
Thanks in advance!
---
I have a C-Class of IP Addresses and port 48 is my uplink port from my provider. For example, 192.168.0.1/24
1) Can I specify a port to only be able to use 8 ip addresses, for example
192.168.0.10-192.168.0.17? I want to stop users from accessing another users assigned ips.
2) Limit the bandwidth on a port, lets say port 1 only gets 15mbps, port 2 can have 25mbps.
Thanks!
I just got this 3550 (3550-48 EMI) in and I had a few questions hopefully some of you guys or gals out there can spare a few minutes and help me.
Thanks in advance!
---
I have a C-Class of IP Addresses and port 48 is my uplink port from my provider. For example, 192.168.0.1/24
1) Can I specify a port to only be able to use 8 ip addresses, for example
192.168.0.10-192.168.0.17? I want to stop users from accessing another users assigned ips.
2) Limit the bandwidth on a port, lets say port 1 only gets 15mbps, port 2 can have 25mbps.
Thanks!
 17 years 5 months ago #26051
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
        Replied by Chris on topic Re: CISCO 3550 Questions 
        vegeetz,
The 3550 is a layer 3 switch, which effectively means you can work on the network layer to perform wonders
Regarding your questions, if you wish to restrict specific IP addresses behind each port, you can create custom access lists and bind them to the necessary interface to get the result you need.
For example, let's say we want to restrict the workstation behind port 0/12 to ip address 10.0.0.4:
[code:1]Cat3560G(config)#access-list 100 permit ip host 10.0.0.4 any
Cat3560G(config)#interface gigabitEthernet 0/12
Cat3560G(config-if)#ip access-group 100 in[/code:1]
With the above configuration, only ip address 10.0.0.4 will be able to work on the specific interface. Traffic from the network will also be able to reach 10.0.0.4 without problems.
Regarding the bandwidth limiter, I'll have to test it to provide you with a working configuration, but I believe it can work using class maps to define the traffic and policies to which the classes are bound to. From there on, you apply the policy to the interface you wish in either outbound or inbound direction.
Hope that helps.
Cheers,
The 3550 is a layer 3 switch, which effectively means you can work on the network layer to perform wonders

Regarding your questions, if you wish to restrict specific IP addresses behind each port, you can create custom access lists and bind them to the necessary interface to get the result you need.
For example, let's say we want to restrict the workstation behind port 0/12 to ip address 10.0.0.4:
[code:1]Cat3560G(config)#access-list 100 permit ip host 10.0.0.4 any
Cat3560G(config)#interface gigabitEthernet 0/12
Cat3560G(config-if)#ip access-group 100 in[/code:1]
With the above configuration, only ip address 10.0.0.4 will be able to work on the specific interface. Traffic from the network will also be able to reach 10.0.0.4 without problems.
Regarding the bandwidth limiter, I'll have to test it to provide you with a working configuration, but I believe it can work using class maps to define the traffic and policies to which the classes are bound to. From there on, you apply the policy to the interface you wish in either outbound or inbound direction.
Hope that helps.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
 17 years 5 months ago #26055
by vegeetz
        Replied by vegeetz on topic Re: CISCO 3550 Questions 
        Damn you are awesome.
Cat3560G(config)#access-list 100 permit ip host 10.0.0.4 any
To add more ips to port 0/12 I would just repeat the above command but with another ip?
Thanks,
Cat3560G(config)#access-list 100 permit ip host 10.0.0.4 any
To add more ips to port 0/12 I would just repeat the above command but with another ip?
Thanks,
 17 years 5 months ago #26057
by Chris
Correct, just repeat the code using different IP addresses for each interface and you ready to go.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
        Replied by Chris on topic Re: CISCO 3550 Questions 
To add more ips to port 0/12 I would just repeat the above command but with another ip?
Correct, just repeat the code using different IP addresses for each interface and you ready to go.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
 17 years 5 months ago #26058
by vegeetz
        Replied by vegeetz on topic Re: CISCO 3550 Questions 
        Cool, I will check that out.  Also thanks again.  Can you please update me when you find out about the policy maps for the bandwidth.  I would to limit both the in and out.
Thanks again Chris!
Thanks again Chris!
 17 years 5 months ago #26094
by vegeetz
        Replied by vegeetz on topic Re: CISCO 3550 Questions 
        Any luck chris on the rate limiting?  Also I had another question...
I have one VLAN (example, 192.168.0.0/24) and I have one uplink so far with a gateway of 192.168.0.1. Now I get a second uplink (example, 10.10.10.14) can I mix that in with my network. Like have a computer on port 5 have all their out going traffic routed through the second uplink (10.10.10.14)?
Thanks,
I have one VLAN (example, 192.168.0.0/24) and I have one uplink so far with a gateway of 192.168.0.1. Now I get a second uplink (example, 10.10.10.14) can I mix that in with my network. Like have a computer on port 5 have all their out going traffic routed through the second uplink (10.10.10.14)?
Thanks,
        Time to create page: 0.091 seconds    
 
 
 
 
 
 
 
  
 
