Hi! I've some questions on applying ACLs.
vlan 10 (Office network) 192.168.10.x
vlan 20 (Internet transition network) 192.168.20.x
vlan 30 (Manufacturing network) 192.168.30.x
vlan 40 (Server network) 192.168.40.x
vlan 50 (WAN Network) 192.168.50.x
I've 5 vlans in my network. My objectives are to:
-No internet Access
-Only citrix svr and dns access through WAN VLan and Svr Vlan
-Deny all other traffic
What's the simplest way to achieve my objective? Is there a way for me to apply the ACL only in vlan30? Or must I apply the ACL in all other vlans through inbound ACLs just to achieve my objective, e.g. access-list 100 deny ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255, access-list 100 permit ip any any in vlan20 just to block internet traffic from going into vlan30? I'm trying to minimize the impact of ACLs in other vlans. We do not have restrictions in other vlans except for vlan30.
Pls advise. Thks.
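
One way to meet the objectives above with ACLs applied only on the VLAN 30 interface, added here as an example that is not part of the original post. It assumes a Cisco IOS layer-3 switch routing between the VLANs on SVIs, /24 subnets, Citrix ICA on its default TCP ports 1494 and 2598, and DNS on port 53; the ACL names are hypothetical.

```cisco
! Added example (assumptions: IOS SVIs, /24 subnets, default Citrix/DNS ports).
! Traffic between hosts inside VLAN 30 is switched, not routed, so it is unaffected.

! Inbound on the SVI = traffic sent BY VLAN 30 hosts toward other networks.
ip access-list extended VLAN30-IN
 remark Citrix ICA and session reliability to Server (40) and WAN (50) VLANs
 permit tcp 192.168.30.0 0.0.0.255 192.168.40.0 0.0.0.255 eq 1494
 permit tcp 192.168.30.0 0.0.0.255 192.168.40.0 0.0.0.255 eq 2598
 permit tcp 192.168.30.0 0.0.0.255 192.168.50.0 0.0.0.255 eq 1494
 permit tcp 192.168.30.0 0.0.0.255 192.168.50.0 0.0.0.255 eq 2598
 remark DNS queries to Server and WAN VLANs
 permit udp 192.168.30.0 0.0.0.255 192.168.40.0 0.0.0.255 eq 53
 permit tcp 192.168.30.0 0.0.0.255 192.168.40.0 0.0.0.255 eq 53
 permit udp 192.168.30.0 0.0.0.255 192.168.50.0 0.0.0.255 eq 53
 permit tcp 192.168.30.0 0.0.0.255 192.168.50.0 0.0.0.255 eq 53
 remark Everything else, including VLAN 10, VLAN 20 and the internet
 deny ip any any log

! Outbound on the SVI = traffic routed INTO VLAN 30 from other networks.
! Only replies to the sessions permitted above are let through.
ip access-list extended VLAN30-OUT
 permit tcp 192.168.40.0 0.0.0.255 eq 1494 192.168.30.0 0.0.0.255 established
 permit tcp 192.168.40.0 0.0.0.255 eq 2598 192.168.30.0 0.0.0.255 established
 permit tcp 192.168.50.0 0.0.0.255 eq 1494 192.168.30.0 0.0.0.255 established
 permit tcp 192.168.50.0 0.0.0.255 eq 2598 192.168.30.0 0.0.0.255 established
 permit udp 192.168.40.0 0.0.0.255 eq 53 192.168.30.0 0.0.0.255
 permit tcp 192.168.40.0 0.0.0.255 eq 53 192.168.30.0 0.0.0.255 established
 permit udp 192.168.50.0 0.0.0.255 eq 53 192.168.30.0 0.0.0.255
 permit tcp 192.168.50.0 0.0.0.255 eq 53 192.168.30.0 0.0.0.255 established
 deny ip any any log

! Both lists attach to VLAN 30 only; the other VLAN interfaces stay untouched.
interface Vlan30
 ip access-group VLAN30-IN in
 ip access-group VLAN30-OUT out
```

The inbound list limits what VLAN 30 hosts can start, and the outbound list stops other VLANs, including VLAN 20, from sending into VLAN 30, so no other interface needs an ACL. Replacing the /24 destinations with the actual Citrix and DNS server addresses (`host x.x.x.x`) tightens the policy further.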