i use 2 core switches : c6500 SUP1+PFC+MSFC2 (12.1)using HSRP....
i added an ACL to vlan 122:
ip access-list extended acl122
permit ip 10.122.0.0 0.0.255.255 100.100.0.0 0.0.255.255
int vlan 122
ip access-group acl122 in
now, from a computer in vlan 122 i can ping all computers in vlan 100 and all computers in vlan 122 except my gateway 10.122.100.254 that is the hsrp address. even the real addresses 10.122.100.252 & 253 can't be pinged.
arp is resolved, but it seems to be a problem caused by my ACL.
is this normal?
ACL's on routers & switches will affect traffic originating from them, acl's on the other hand on PIX firewalls do not affect traffic originated from the PIX itself.