acl for traffic!

Unanswered Question
Mar 18th, 2007
User Badges:

r1----(G1)6509(VLAN10)------computer

i config acl (deny any any)apply to interface vlan10 on 6509, whatever in or out, I found i can ping vlan 10 interface ip address from R1.



But i can't ping vlan 10 interface ip address in 6509.



how can i config acl to block traffic from r1 to reach interface vlan 10 on 6509.


I don't like place acl in G1 interface.


how can I block traffic originated with 6509 to reach interface vlan 10 interface ip address or computer below it!

thank you!




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Amit Singh Sun, 03/18/2007 - 23:29
User Badges:
  • Cisco Employee,

Do you want to block the traffic with in the Vlan 10. Please explain it again.


-amit singh

fly Mon, 03/19/2007 - 02:50
User Badges:

r1----(g1)6509(vlan10)-----computer


i want block traffic from r1 to computer in vlan 10.


I know i can config acl on interface g1. But customer don't agree.

i config one acl ,and apply to interface vlan 10 on 6509. both in and out


acl is simple deny ip any any.

I found i can ping vlan 10 interface ip address from r1.

but i can't ping vlan 10 interface ip address in 6509 .


customer want block traffic from r1 to vlan 10 and also not reach vlan 10 interface ip address.


how can i do this, if i can't apply acl on interface G1.


thank you!


Actions

This Discussion