I have 10 VLAN in my core switch having HSRP
all vlan subnets are 172.23.1.0/24 to 172.23.10.0/24
vlan range start from vlan2 to vlan11
with having intervlan rouitng
i hev created vlan 15 which having subnet 192.168.10.0/24 ....this vlan extented to all my access layer trunk port.
I have ADSL internet line in vlan 15 .ADLS ROUter IP 192.168.10.10/24
I want to achive following things
1. PC which is connected on vlan-15 ( subnet 192.168.10.0) will brows internet using ADLS line 192.168.10.10 router ..
PC which is connected to vlan 15 it shld not have access to other vlan...
i hve created access list as follow
IP ACCESS-LIST EXTENTED BLOCKVLAN
10 deny 172.23.0.0 0.0.255.255 192.168.10.0 0.0.0.255
20 permit ip any any
applied this excess list
ip access-group BLOCKVLAN in
tell me my configuration is ok or not