My objective is to implement inter-vlan filtering on my core switch. I have three vlans 1, 2 and 5 and want to block users in vlan 1 & 2 from accessing vlan 50. Only IP 192.168.1.103 in vlan 1 should be able to access the servers in vlan 5.

ip address 192.168.1.254 255.255.255.0
ip address 192.168.2.254 255.255.255.0
ip address 192.168.5.254 255.255.255.0
vlan access-map CCTV_VLAN_TRAFFIC 10
 match ip address BLOCK_TRAFFIC
vlan access-map CCTV_VLAN_TRAFFIC 20
 match ip address ALLOW_TRAFFIC
vlan filter CCTV_VLAN_TRAFFIC vlan 5
ip access-list extended BLOCK_TRAFFIC
 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
 permit ip 192.168.2.0 0.0.0.255 192.168.5.0 0.0.0.255
ip access-list extended ALLOW_TRAFFIC
 permit ip host 192.168.1.103 192.168.5.0 0.0.0.255

I am not able to ping from any PC in vlan 1 & vlan 2 to vlan 5, but I am getting Request timed out and not Destination unreachable. Why?
I am also not able to ping from 192.168.1.103 to any devices on vlan 5. Please help me with my access-list.
Thanks in advance.
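
A first-match walk through the posted access map, added here as an example and not part of the original post. It assumes the action lines the post omits are drop for sequence 10 and forward for sequence 20; the test addresses 192.168.1.50, 192.168.5.10 and 192.168.5.20 are constructed, and REORDERED_MAP is a hypothetical alternative ordering.

```python
import ipaddress

def ace(src, src_wc, dst, dst_wc):
    """Build one 'permit ip' ACE from dotted address / wildcard-mask pairs."""
    to_int = lambda s: int(ipaddress.IPv4Address(s))
    return (to_int(src), to_int(src_wc), to_int(dst), to_int(dst_wc))

def ace_matches(entry, src, dst):
    """Wildcard match: bits set in the wildcard mask are 'don't care'."""
    s, swc, d, dwc = entry
    full = 0xFFFFFFFF
    src_i, dst_i = int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(dst))
    return ((src_i ^ s) & (full ^ swc)) == 0 and ((dst_i ^ d) & (full ^ dwc)) == 0

# ACLs exactly as posted ("host X" is X with wildcard 0.0.0.0).
ACLS = {
    "BLOCK_TRAFFIC": [ace("192.168.1.0", "0.0.0.255", "192.168.5.0", "0.0.0.255"),
                      ace("192.168.2.0", "0.0.0.255", "192.168.5.0", "0.0.0.255")],
    "ALLOW_TRAFFIC": [ace("192.168.1.103", "0.0.0.0", "192.168.5.0", "0.0.0.255")],
}

# ASSUMPTION: the post omits the action lines; drop for 10, forward for 20.
POSTED_MAP = [(10, "BLOCK_TRAFFIC", "drop"), (20, "ALLOW_TRAFFIC", "forward")]
# Hypothetical reordering: the specific host exception is evaluated first.
REORDERED_MAP = [(10, "ALLOW_TRAFFIC", "forward"), (20, "BLOCK_TRAFFIC", "drop")]

def evaluate(access_map, src, dst):
    """Return (sequence, action) of the first clause whose ACL permits the packet."""
    for seq, acl_name, action in sorted(access_map):
        if any(ace_matches(e, src, dst) for e in ACLS[acl_name]):
            return seq, action
    # An IP packet that matches no clause of a map with IP match clauses is dropped.
    return None, "drop"

if __name__ == "__main__":
    flows = [("192.168.1.103", "192.168.5.10"),  # the host that should be allowed
             ("192.168.1.50", "192.168.5.10"),   # ordinary VLAN 1 user
             ("192.168.5.10", "192.168.1.103"),  # reply from a VLAN 5 server
             ("192.168.5.10", "192.168.5.20")]   # server to server inside VLAN 5
    for name, amap in (("posted", POSTED_MAP), ("reordered", REORDERED_MAP)):
        for src, dst in flows:
            print(name, src, "->", dst, evaluate(amap, src, dst))
```

With the posted order, 192.168.1.103 is caught by sequence 10 before sequence 20 is ever consulted, and in both orderings the replies from VLAN 5 match no clause and fall to the implicit drop.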