if this is a 2948 G-L3, they do not support extended access lists. The IOS won;t give you an error, it just won't work. The cisco site backs this up at: http://www.cisco.com/warp/public/473/29.html#intro
sam sneed ""Andrew L"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi everyone. > > I'm using a 2900 Catalyst and embarassingly enough, I cannot fully block > myself from port 80. My ACL does block me from accessing the switch's Web > interface, but I still surf the net. > > I'm on port F0/2 and my router is on F0/9. All ports are on the default > VLAN. > > Any help appreciated. Thanks in advance! > > interface VLAN1 > ip address 192.168.0.5 255.255.255.0 > ip access-group 101 in > no ip directed-broadcast > no ip route-cache > ! > access-list 101 deny tcp any any eq www > access-list 101 permit ip any any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26237&t=26175 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]