Access list on Catalyst 2950 and Fragmented IP packets

Discussion in 'Cisco' started by Nawak, Aug 7, 2004.

  1. Nawak

    I am using a Catalyst 2950 switch and have the need to stop all the
    traffic coming from one port but not the traffic that goes out to this
    port. To do so I created an IP access list that denies everything and
    applied it on the port's input. It seems to work except when fragmented
    IP packets come to the interface; then they go through and pollute the
    main traffic...
    Does anyone have an idea of what is going on and how to solve this?

    Nawak, Aug 7, 2004
  2. See if this helps:

    Terry Baranski, Aug 7, 2004
