Hi all. Kindly consider the following access-list that I want to apply on my branch router:
access-list 111 permit ip host 10.1.56.1 host 10.1.4.56
access-list 111 permit ip host 10.1.56.2 host 10.1.3.6
access-list 111 permit ip host 10.1.56.9 host 10.1.47.69
Now this should be the overall flow in the branch. Meaning, 10.1.56.1 should be able to talk only to 10.1.4.56 and vice versa, same for all 2 statements. No other communication should be allowed. I was thinking of applying it in the outbound direction and then creating another access-list that is an exact mirror of it and applying that inbound. But I was looking for a much better way of applying it, such that I apply it only once and bi-directional traffic is allowed just between these IPs.
You would apply it inbound on the L3 interface that does the routing for the 10.1.56.X subnet. This would take care of the flows. The way you have it now, you would only have traffic from those 3 IPs, as there is an implied deny all at the end of the ACL.
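The behaviour described in the reply, modelled as an added example (not code from either poster): ACL 111 is evaluated first-match with the implicit deny, and only on packets entering the interface it is bound to. The interface labels `lan` and `wan` and the sample packets are constructed assumptions.

```python
import ipaddress

# ACL 111 from the question, keywords written in full.
ACL_111 = """\
access-list 111 permit ip host 10.1.56.1 host 10.1.4.56
access-list 111 permit ip host 10.1.56.2 host 10.1.3.6
access-list 111 permit ip host 10.1.56.9 host 10.1.47.69
"""

def parse_acl(text):
    """Parse 'access-list N permit|deny ip host SRC host DST' lines."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        shape_ok = (len(tok) == 8 and tok[0] == "access-list"
                    and tok[3] == "ip" and tok[4] == "host" and tok[6] == "host")
        if not shape_ok or tok[2] not in ("permit", "deny"):
            raise ValueError(f"unsupported ACL line: {line!r}")
        entries.append((tok[2], ipaddress.ip_address(tok[5]),
                        ipaddress.ip_address(tok[7])))
    return entries

def acl_action(entries, src, dst):
    """First matching entry wins; no match falls to the implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, e_src, e_dst in entries:
        if src == e_src and dst == e_dst:
            return action
    return "deny"

def forwarded(entries, in_iface, src, dst, acl_iface="lan"):
    """The ACL is bound inbound on acl_iface (hypothetical label for the
    L3 interface of 10.1.56.X); packets entering elsewhere are not checked."""
    if in_iface != acl_iface:
        return True
    return acl_action(entries, src, dst) == "permit"

RULES = parse_acl(ACL_111)

if __name__ == "__main__":
    # Constructed packets: (ingress interface, source, destination)
    for pkt in [("lan", "10.1.56.1", "10.1.4.56"),   # listed pair
                ("wan", "10.1.4.56", "10.1.56.1"),   # its return traffic
                ("lan", "10.1.56.1", "10.1.3.6"),    # wrong destination
                ("lan", "10.1.56.3", "10.1.4.56"),   # unlisted branch host
                ("wan", "10.1.9.9", "10.1.56.1")]:   # unlisted remote host
        print(pkt, "forwarded" if forwarded(RULES, *pkt) else "dropped")
```

The last packet is forwarded because nothing filters traffic entering on the other interface; only the branch host's reply to it is dropped by the inbound ACL. If one-way delivery from unlisted sources also has to be blocked, that needs its own filter in the other direction.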