Access List for Multiple VLAN

Unanswered Question
May 25th, 2009

Dear

I have 10 VLAN in my core switch having HSRP

all vlan subnets are 172.23.1.0/24 to 172.23.10.0/24

vlan range start from vlan2 to vlan11

with having intervlan rouitng

i hev created vlan 15 which having subnet 192.168.10.0/24 ....this vlan extented to all my access layer trunk port.

I have ADSL internet line in vlan 15 .ADLS ROUter IP 192.168.10.10/24

I want to achive following things

1. PC which is connected on vlan-15 ( subnet 192.168.10.0) will brows internet using ADLS line 192.168.10.10 router ..

PC which is connected to vlan 15 it shld not have access to other vlan...

i hve created access list as follow

IP ACCESS-LIST EXTENTED BLOCKVLAN

10 deny 172.23.0.0 0.0.255.255 192.168.10.0 0.0.0.255

20 permit ip any any

applied this excess list

vlan 15

ip access-group BLOCKVLAN in

tell me my configuration is ok or not

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mahmoodmkl Mon, 05/25/2009 - 04:52

Hi

It should be like this

IP ACCESS-LIST EXTENTED BLOCKVLAN

10 deny 192.168.10.0 0.0.0.255 172.23.0.0 0.0.255.255

20 permit ip any any

Thanks

Mahmood

Actions

This Discussion

Related Content