My apologies in advance if this has already been answered.
I have to limit a particular site from reaching other sites via our WAN cloud. I believe the easiest is to "white list" the nets that are allowed and allow the implicit deny all to take care of the rest. So my question is this:
Stack of 3750G (3) with a WAN VLAN configured
If I apply the following ACL to the VLAN interface (VLAN 10) I should only allow access to the listed networks from the other networks behind the 3750, correct?
ip access-list extended COMP1_TO_COMP2
 remark WAN Router and BGP Peer
 permit ip host 192.168.67.22 host 192.168.67.10
 remark Optimizer
 permit ip any host 192.168.67.20
 remark net_1
 permit ip any 10.1.0.0 0.0.255.255
 remark net_2
 permit ip any 10.10.0.0 0.0.255.255
 remark net_3
 permit ip any 10.40.0.0 0.0.255.255
ip access-list extended COMP2_TO_COMP1
 remark WAN Router and BGP Peer
 permit ip host 192.168.67.10 host 192.168.67.22
 remark Optimizer
 permit ip host 192.168.67.20 any
 remark Net_1
 permit ip 10.1.0.0 0.0.255.255 any
 remark Net_2
 permit ip 10.10.0.0 0.0.255.255 any
 remark Net_3
 permit ip 10.40.0.0 0.0.255.255 any
interface Vlan10
 ip address 192.168.67.22 255.255.255.0
 ip access-group COMP1_TO_COMP2 out
 ip access-group COMP2_TO_COMP1 in
Is this correct or am I completely wacked out???
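An added example, not part of the original post: a small Python model of first-match evaluation for an extended ACL with wildcard masks, loaded with the COMP1_TO_COMP2 entries from the post (comments dropped), so a given source/destination pair can be checked against the whitelist and the implicit deny. The function names are hypothetical, and the model covers only `permit|deny ip` entries.

```python
import ipaddress

# Entries copied from the post's COMP1_TO_COMP2 list (outbound on VLAN 10).
COMP1_TO_COMP2 = """
permit ip host 192.168.67.22 host 192.168.67.10
permit ip any host 192.168.67.20
permit ip any 10.1.0.0 0.0.255.255
permit ip any 10.10.0.0 0.0.255.255
permit ip any 10.40.0.0 0.0.255.255
"""

def _take_addr(tokens):
    """Consume one address spec; return (base, wildcard) as integers."""
    word = tokens.pop(0)
    if word == "any":
        return 0, 0xFFFFFFFF
    if word == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(word)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse_acl(text):
    """Parse 'permit|deny ip <src> <dst>' lines into ordered rules."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if not tokens or tokens[0] == "remark":
            continue
        try:
            action, proto = tokens.pop(0), tokens.pop(0)
            src, dst = _take_addr(tokens), _take_addr(tokens)
        except IndexError:
            raise ValueError(f"incomplete entry: {line!r}") from None
        if action not in ("permit", "deny") or proto != "ip":
            raise ValueError(f"unsupported entry: {line!r}")
        rules.append((action, src, dst))
    return rules

def _match(addr, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # a wildcard bit of 1 means "don't care"
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)

def evaluate(rules, src, dst):
    """First match wins; no match falls through to the implicit deny."""
    for action, s, d in rules:
        if _match(src, s) and _match(dst, d):
            return action
    return "implicit deny"

RULES = parse_acl(COMP1_TO_COMP2)
```

With a constructed inside source of 172.16.5.9, `evaluate(RULES, "172.16.5.9", "10.1.44.7")` returns `permit`, while `evaluate(RULES, "172.16.5.9", "10.2.0.1")` returns `implicit deny`.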