I'm new to VACLs. I have the following configured but it's not working:
ip access-list extended chris_codomino1
 permit ip host 172.16.14.59 host 10.1.1.10
ip access-list extended grant_all
 permit ip any any
ip access-list extended no_access_codomino1
 deny ip any host 10.1.1.10
vlan access-map ABC123 10
 match ip address chris_codomino1
vlan access-map ABC123 20
 match ip address no_access_codomino1
vlan access-map ABC12330
 match ip address grant_all
vlan filter codomino1 vlan-list 4
What I thought it should do is allow IP 172.16.14.59 access to 10.1.1.10 but deny all other access to this server and then allow all other traffic to flow to/from vlan 4.
Can someone tell me what I'm doing wrong?
Change your 'ip access-list extended no_access_codomino1' to PERMIT ip any host 10.1.1.10. You are only selecting traffic patterns to match in the access-list, the class maps/action syntax will handle the actual drop or discarding of traffic.
That should resolve the issue.
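
The change suggested in the reply, written out as a complete VLAN map. This is an added example, not configuration from either poster; the explicit `action` lines, the sequence number 30 on the last clause and the use of the map name ABC123 in `vlan filter` are assumptions.

```cisco
! ACLs used by a VLAN map only SELECT traffic: "permit" means
! "this clause matches". The forward/drop decision is made by the
! action configured under each access-map sequence.
ip access-list extended chris_codomino1
 permit ip host 172.16.14.59 host 10.1.1.10
!
! Changed from "deny" to "permit" so that sequence 20 matches
! every other packet addressed to the server.
ip access-list extended no_access_codomino1
 permit ip any host 10.1.1.10
!
ip access-list extended grant_all
 permit ip any any
!
! Sequence 10: the one allowed client to the server.
vlan access-map ABC123 10
 match ip address chris_codomino1
 action forward
!
! Sequence 20: anything else to the server is dropped.
vlan access-map ABC123 20
 match ip address no_access_codomino1
 action drop
!
! Sequence 30: all remaining traffic, including the server's
! replies to 172.16.14.59, is forwarded.
vlan access-map ABC123 30
 match ip address grant_all
 action forward
!
! Assumption: the filter references the map defined above.
vlan filter ABC123 vlan-list 4
```

`show vlan access-map` and `show vlan filter` display the resulting sequences and the VLANs the map is applied to.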