
Problem with access-list permit and deny

rechard_david
Level 1

Dear All,

Please help me to solve the problem below!

I have a Cisco 3560 switch and I did inter-VLAN routing on this switch. I created 3 VLANs (VLAN 10, 20 and 30) and configured an access list on all 3 VLANs.

Let me tell you what I want:

1. On VLAN 10: VLAN 10 can access VLAN 20 and VLAN 30.

2. On VLAN 20: cannot access VLAN 10 and VLAN 30.

3. On VLAN 30: cannot access VLAN 10 and VLAN 20.

With the configuration as above it doesn't work. Could you correct this command?

Best Regards,

Rechard

3 Replies

Marwan ALshawi
VIP Alumni

The only way you can configure it is by using the established ACL; this way the return traffic from VLAN 10 will be permitted.

k.cherian
Level 1

Hi David,

On Vlan 10, since we are allowing access to all other Vlans, we would not need any ACLs on that Vlan.

For Vlan 20 and 30, we can configure and apply a standard ACL that will deny any packets with a destination address to either of the other Vlans.

For example on Vlan 20, you will create an ACL with ACEs as follows:

deny ip any

deny ip any

Once done, you can apply this group on to the Vlan interface.

Hope this helps.

-/ KC
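
The two replies above, modelled as an added example that is not part of any post in this thread: a first-match evaluator for an ACL applied inbound on the VLAN 20 interface, comparing a plain deny list with the same list preceded by a TCP `established` permit. The subnets, host addresses and names below are assumptions, since the thread gives no addressing.

```python
from ipaddress import ip_address, ip_network

# Assumed addressing; the thread gives no subnets.
V10, V20, V30 = (ip_network(n) for n in
                 ("10.0.10.0/24", "10.0.20.0/24", "10.0.30.0/24"))
ANY = ip_network("0.0.0.0/0")

# ACE = (action, protocol, source, destination, established_only).
# PLAIN models a deny list applied inbound on the VLAN 20 interface.
PLAIN = [
    ("deny", "ip", ANY, V10, False),
    ("deny", "ip", ANY, V30, False),
    ("permit", "ip", ANY, ANY, False),
]
# Same list with a TCP "established" permit ahead of the VLAN 10 deny.
WITH_ESTABLISHED = [("permit", "tcp", V20, V10, True)] + PLAIN


def evaluate(acl, proto, src, dst, flags=frozenset()):
    """Return the action of the first matching ACE (implicit deny at the end)."""
    for action, ace_proto, ace_src, ace_dst, established in acl:
        if ace_proto not in ("ip", proto):
            continue
        if ip_address(src) not in ace_src or ip_address(dst) not in ace_dst:
            continue
        # "established" matches only TCP segments carrying ACK or RST.
        if established and not set(flags) & {"ACK", "RST"}:
            continue
        return action
    return "deny"


def vlan20_outcomes(acl):
    """Packets sent by a VLAN 20 host (constructed samples) through the ACL."""
    host20, host10, host30 = "10.0.20.5", "10.0.10.5", "10.0.30.5"
    return {
        "tcp_reply_to_vlan10": evaluate(acl, "tcp", host20, host10, {"SYN", "ACK"}),
        "tcp_new_to_vlan10": evaluate(acl, "tcp", host20, host10, {"SYN"}),
        "udp_reply_to_vlan10": evaluate(acl, "udp", host20, host10),
        "tcp_new_to_vlan30": evaluate(acl, "tcp", host20, host30, {"SYN"}),
        "tcp_new_elsewhere": evaluate(acl, "tcp", host20, "192.0.2.10", {"SYN"}),
    }


if __name__ == "__main__":
    for name, acl in (("plain deny", PLAIN), ("with established", WITH_ESTABLISHED)):
        print(name, vlan20_outcomes(acl))
```

`established` is a flag check, not connection tracking, and it covers TCP only: UDP and ICMP replies to VLAN 10 still hit the deny.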

ganeshhiyer
Level 1

Hi rechard,

Can you share the configuration of the VACL that you have deployed on the interface of each VLAN?

Ganesh.H
