Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

ACL List Permit Only Web Traffic

Hello,

I am having some issues with an ACL I'm trying to create for guest internet access at our sites. We have a separate VLAN (10.100.206.x) for the guest access and I have assigned the ACL's to the VLAN interface. I have attached a list of the acl that I am currently using. ACL 101 is set to outbound while ACL 102 is inbound. The 150.x IP's are the DNS servers.

Also it seems that I cannot obtain an ip address from the DHCP server (10.100.178.184).

I only want to allow guest access to the internet but not allow access to the internal network. We have multiple VLAN's at this location.

Thanks for the help!

Tim

1 REPLY
Blue

Re: ACL List Permit Only Web Traffic

T:

Keep in mind the following when you apply ACLs to a VLAN interface:

An access-list applied outbound to a vlan interface is traffic going TO machines on that vlan.

An access-list applied inbound to a vlan is traffic coming FROM machines on that vlan.

Also, if the DHCP server is not located on the same VLAN as the guest users, you will need to apply the ip helper-address <ip address of DHCP server> command to the guest user VLAN interface.

HTH

Victor

1059
Views
0
Helpful
1
Replies
CreatePlease to create content