I have a 3750 switch where I am going to plug in a new connection on port g1/0/45. This connection will connect to another network that I only semi-trust so I need to restrict access.
On that port I will configure an IP of 10.112.50.22/24. This will connect to someone else's switch that holds the 10.112.50.0/24 network.
I have servers connected to my switch that this network needs access to.
Namely I need to allow hosts 10.112.50.8, 10.150.12.2, 10.151.12.2 access to my servers at 192.168.60.35 and 192.168.60.36. These servers are connected in VLAN1 on my switch.
I don't want them to have access to anything but those two servers. I don't need to filter by port, pure IP connectivity is fine for this.
Since I am 6000 miles away from my lab, I don't have access to a live 3750. If memory serves, this is what I need to do:
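interface GigabitEthernet1/0/45
 ! routed port (a 3750 port must leave switchport mode before it takes an IP address)
 no switchport
 ip address 10.150.112.21 255.255.255.0
 ! filter traffic arriving from the other network
 ip access-group 100 in
!
! extended IP ACLs are numbered 100-199 or 2000-2699; an implicit deny follows the last entry
ip access-list extended 100
 permit ip host 10.150.12.8 host 192.168.60.36
 permit ip host 10.150.12.8 host 192.168.60.35
 permit ip host 10.150.12.2 host 192.168.60.36
 permit ip host 10.150.12.2 host 192.168.60.35
 permit ip host 10.151.12.2 host 192.168.60.36
 permit ip host 10.151.12.2 host 192.168.60.35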
I have a change window tonight and need to confirm that this is the way to do it.
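An offline pre-change check of the ACL entries in the post against the policy stated in its text, as an added example that is not part of the original post. It models first-match evaluation with the implicit deny; the function names and the negative test flows are constructed for illustration.

```python
import ipaddress

# ACL entries as posted above ("host" matches only).
ACL = """\
permit ip host 10.150.12.8 host 192.168.60.36
permit ip host 10.150.12.8 host 192.168.60.35
permit ip host 10.150.12.2 host 192.168.60.36
permit ip host 10.150.12.2 host 192.168.60.35
permit ip host 10.151.12.2 host 192.168.60.36
permit ip host 10.151.12.2 host 192.168.60.35
"""

def parse_acl(text):
    """Parse 'permit|deny ip host A host B' lines into (action, src, dst)."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        if len(tok) != 6 or tok[1] != "ip" or tok[2] != "host" or tok[4] != "host":
            raise ValueError(f"unsupported ACL line: {line!r}")
        rules.append((tok[0].lower(), ipaddress.ip_address(tok[3]),
                      ipaddress.ip_address(tok[5])))
    return rules

def evaluate(rules, src, dst):
    """First match wins; no match falls through to the implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_src, r_dst in rules:
        if (src, dst) == (r_src, r_dst):
            return action
    return "deny"

def audit(rules, sources, servers, must_deny):
    """Return flows whose ACL result differs from the stated policy."""
    problems = [(s, d, "should be permitted") for s in sources for d in servers
                if evaluate(rules, s, d) != "permit"]
    problems += [(s, d, "should be denied") for s, d in must_deny
                 if evaluate(rules, s, d) != "deny"]
    return problems

SOURCES = ["10.112.50.8", "10.150.12.2", "10.151.12.2"]  # hosts named in the text
SERVERS = ["192.168.60.35", "192.168.60.36"]
# Constructed negative cases: an allowed host to another address, and an unlisted host.
MUST_DENY = [("10.150.12.2", "192.168.60.1"), ("10.112.50.9", "192.168.60.35")]

if __name__ == "__main__":
    for flow in audit(parse_acl(ACL), SOURCES, SERVERS, MUST_DENY):
        print(flow)
```

Run against the entries as posted, it reports both flows from 10.112.50.8 as not permitted, because the ACL lists 10.150.12.8 rather than the 10.112.50.8 named in the text.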