BTW - let me add that I cannot change versions...just not an option in this case. Thanks!
- Sean ""Sean Knox"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am unable to apply access lists on any interface on a 8510CSR- every time > I attempt to, I receive this message (substitute GigabitEthernet0/0/0 for > your favorite interface) > > core8500(config-if)#ip access-group 101 in > Warning: Could not apply ACLs on GigabitEthernet0/0/0 > > The ACL is : > > access-list 101 deny ip host 10.10.50.64 host 10.1.1.151 > > ...attempting to prevent one host from accessing another. Pretty simple (or > so I thought). I am running version 121-7a.EY. > > Any ideas on what could be causing this? I've posted my running config at > the very bottom if interested. > > Thanks, > Sean > > > > Current configuration : 2875 bytes > ! > version 12.1 > no service pad > service timestamps debug uptime > service timestamps log uptime > service password-encryption > ! > hostname core8500 > ! > enable secret 5 weeeeeyeahright > enable password 7 110A1016141D > ! > spd headroom 1024 > sdm ipqos zero > sdm policy 0 > ip subnet-zero > no ip finger > ip domain-name devel.net > ip name-server 10.10.50.139 > ! > ! > ! > ! > interface Loopback0 > ip address 192.168.3.254 255.255.255.255 > ! > interface GigabitEthernet0/0/0 > ip address 10.5.1.1 255.255.255.252 > no negotiation auto > ! > interface FastEthernet1/0/0 > ip address 10.8.1.2 255.255.255.252 > ! > interface FastEthernet1/0/1 > ip address 10.5.1.5 255.255.255.252 > ! > interface FastEthernet1/0/2 > ip address 10.5.1.17 255.255.255.252 > ! > interface FastEthernet1/0/3 > ip address 10.5.1.37 255.255.255.252 > ! > interface FastEthernet1/0/4 > ip address 10.6.1.6 255.255.255.252 > ! > interface FastEthernet1/0/5 > ip address 10.2.1.1 255.255.255.0 > ! > interface FastEthernet1/0/6 > ip address 10.1.1.1 255.255.255.0 > ip access-group 101 out > duplex half > speed 100 > ! > interface FastEthernet1/0/7 > ip address 10.1.200.1 255.255.255.0 > no ip redirects > ! > interface FastEthernet1/0/7.1 > ! > interface FastEthernet1/0/7.2 > ! > interface FastEthernet1/0/7.201 > encapsulation dot1Q 201 > ip address 10.1.201.1 255.255.255.0 > no ip redirects > ! > interface FastEthernet1/0/7.202 > encapsulation dot1Q 202 > ip address 10.1.202.1 255.255.255.0 > no ip redirects > ! > interface FastEthernet1/0/7.203 > encapsulation dot1Q 203 > ip address 10.1.203.1 255.255.255.0 > no ip redirects > ! > interface Ethernet0 > ip address 10.99.99.99 255.255.255.0 > ! > interface Ethernet0.1 > ! > interface Ethernet0.2 > ! > router ospf 10 > router-id 192.168.3.254 > log-adjacency-changes > redistribute static subnets > passive-interface GigabitEthernet0/0/0 > network 10.0.0.0 0.255.255.255 area 0 > network 192.168.3.254 0.0.0.0 area 0 > default-information originate always > ! > ip classless > ip route 0.0.0.0 0.0.0.0 10.8.1.1 > ip route 10.2.101.0 255.255.255.0 10.2.1.100 > ip route 10.10.0.0 255.255.0.0 10.5.1.2 > ip route 10.10.96.0 255.255.224.0 Null0 > ip route 10.10.128.0 255.255.192.0 Null0 > ip route 10.10.192.0 255.255.192.0 Null0 > no ip http server > ip ospf name-lookup > ! > access-list 101 deny ip host 10.10.50.64 host 10.1.1.151 > > snmp-server community public RO > snmp-server trap-source Loopback0 > snmp-server location QA LAB > snmp-server contact Quality Assurance > snmp-server enable traps snmp > snmp-server enable traps ima > snmp-server enable traps hsrp > snmp-server enable traps config > snmp-server enable traps entity > snmp-server enable traps chassis-fail > snmp-server enable traps chassis-change > snmp-server enable traps bgp > snmp-server enable traps syslog > snmp-server enable traps rsvp > ! > ! > line con 0 > logging synchronous > full-help > transport input none > line aux 0 > line vty 0 4 > exec-timeout 30 0 > password 7 070C285F4D06 > login > length 0 > ! > end Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26036&t=26024 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]