Access List for Multiple VLAN

Unanswered Question
May 25th, 2009
User Badges:

Dear


I have 10 VLAN in my core switch having HSRP


all vlan subnets are 172.23.1.0/24 to 172.23.10.0/24


vlan range start from vlan2 to vlan11


with having intervlan rouitng


i hev created vlan 15 which having subnet 192.168.10.0/24 ....this vlan extented to all my access layer trunk port.

I have ADSL internet line in vlan 15 .ADLS ROUter IP 192.168.10.10/24


I want to achive following things


1. PC which is connected on vlan-15 ( subnet 192.168.10.0) will brows internet using ADLS line 192.168.10.10 router ..


PC which is connected to vlan 15 it shld not have access to other vlan...


i hve created access list as follow


IP ACCESS-LIST EXTENTED BLOCKVLAN

10 deny 172.23.0.0 0.0.255.255 192.168.10.0 0.0.0.255

20 permit ip any any


applied this excess list


vlan 15

ip access-group BLOCKVLAN in



tell me my configuration is ok or not

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mahmoodmkl Mon, 05/25/2009 - 04:52
User Badges:
  • Gold, 750 points or more

Hi


It should be like this

IP ACCESS-LIST EXTENTED BLOCKVLAN

10 deny 192.168.10.0 0.0.0.255 172.23.0.0 0.0.255.255

20 permit ip any any


Thanks

Mahmood


Actions

This Discussion

Related Content