Unsolved
19 Posts
0
1560
S4048-ON adding ACL group
Hi,
Currently in our environment we have N4032F switches, and when we ordered a few additional, we were sent S4048-ON instead of N4032F. I've gotten them configured, but having trouble adding an access group.
Here is the access list from the N4032F:
ip access-list Public
1000 permit ip any 10.121.0.72 0.0.0.0
1010 permit ip any 10.121.0.43 0.0.0.0
1020 permit ip any 10.100.0.72 0.0.0.1
1030 permit tcp any any eq http
1040 permit tcp any any eq 442
1050 permit tcp any any eq 443
1060 deny ip any 10.0.0.0 0.255.255.255
1070 deny ip any 192.168.0.0 0.0.255.255
1080 deny ip any 172.16.0.0 0.0.255.255
1090 permit every
When I try to add on the S4048 it's not accepting the same syntax... Help?
(I know you have to specify seq number and CIDR)
Thanks
DELL-Josh Cr
Moderator
Moderator
•
8.7K Posts
0
July 17th, 2019 16:00
Hi,
Page 592 https://topics-cdn.dell.com/pdf/force10-s4048-on_reference-guide7_en-us.pdfThe N series does use a different version of the OS with slightly different commands.
Tadman23
19 Posts
0
September 18th, 2019 09:00
Hi Josh,
Thanks for your reply.
Can I get some help based on my above list from the N series switch that would be equivalent for the S series? Clearly I'm missing something because when I was adding each sequence it changes what I've entered.
I can't remember exactly, but currently the switch is in a live environment and I'm unable to test until outside of operating hours.
So, it would help if the N series config I copied could be translated to S series... Sorry if I'm asking too much.
Thanks
BobZanis
2 Posts
1
September 23rd, 2019 07:00
ip access-list extended Public
seq 1000 permit ip any host 10.121.0.72
seq 1010 permit ip any host 10.121.0.43
seq 1020 permit ip any 10.100.0.72/31
seq 1030 permit tcp any eq 80 any
seq 1040 permit tcp any eq 442 any
seq 1050 permit tcp any eq 443 any
seq 1060 deny ip any 10.0.0.0/8
seq 1070 deny ip any 192.168.0.0/16
seq 1080 deny ip any 172.16.0.0/16
seq 1090 permit ip any any
Tadman23
19 Posts
0
September 30th, 2019 13:00
Thanks Bob, I'll give that a go.