cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
380
Views
0
Helpful
7
Replies

Access List

jagdev.dhaliwal
Level 1
Level 1

Hi

I want to make access list that from one vlan (Vlan10) out my 8 vlan can acess only two servers form server vlan (vlan 2)that are DHCP (IP x.x.x.10 )and proxy server (IP x.x.x.14:8088) so that the users from that vlan can get only access internet and get IP .Can anybody help me

Thanks Frds

JD

7 Replies 7

royalblues
Level 10
Level 10

if i understand you correctly, you want users in VLAN10 to get IP addresses and should be able to access only internet and proxy server.

For this you can try something like this

access-list 100 permit udp any any eq 67

access-list 100 permit udp any any eq 68

access-list 100 permit ip host

access-list 100 permit ip any eq www

interface vlan 10

ip access-group 100 in

HTH

Narayan

Thanks Narayan

yes you understood, what i want thanks for your help i will try and let you know about the result

i have already applied 101 list as in

i think i should aplly it "out" instead of " in" , and will it requie some changes

for that

interface vlan 10

ip access-group 101 in

For out you need to use ip access-group 101 out

But in your case inbound access-list would make more sense

Narayan

Thaks for your precious time Sir

Can we apply more than one inbound

Access lists on an interface

Like

interface vlan 10

ip access-group 101 in

ip access-group 102 in

Regards

JD

No..you can have only one inbound and one outbound access-list applied to an interface

int vlan 10

ip access-group 101 in

ip access-group 102 out

Narayan

so Sir can a apply like this

access-list 100 permit udp any any eq 67

access-list 100 permit udp any any eq 68

access-list 100 permit ip host

access-list 100 permit ip any eq www

interface vlan 10

ip access-group 100 out

or should i apply

access-list 10 permit

access-list 10 permit

access-list 10 deny any

interface vlan 10

ip access-group 10 out

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: