Cisco Support Community
New Member

Problem with access-list permit and deny

Dear All,

Please help me to solve the problem below!

I have a Cisco 3560 switch and I did inter-Vlan on this switch. So I created 3 Vlans (Vlan 10, 20 and 30) and configured an access-list on all 3 Vlans.

Let me tell you what I want:

1.On Vlan 10: Vlan10 can access vlan 20 and Vlan30.

2.On Vlan 20 : cannot access Vlan 10 and Vlan 30.

3.On Vlan 30 : cannot access Vlan 10 and vlan20

With the configuration as above it doesn't work. Could you correct this command?

Best Regards,

Rechard

3 REPLIES

Re: Problem with access-list permit and deny

The only way you can configure it is by using the established ACL; this way the return traffic from vlan 10 will be permitted.

New Member

Re: Problem with access-list permit and deny

Hi David,

On Vlan 10, since we are allowing access to all other Vlans, we would not need any ACLs on that Vlan.

For Vlan 20 and 30, we can configure and apply a standard ACL that will deny any packets with a destination address to either of the other Vlans.

For example on Vlan 20, you will create an ACL with ACEs as follows:

deny ip any

deny ip any

Once done, you can apply this group onto the Vlan interface.

Hope this helps.

-/ KC

New Member

Re: Problem with access-list permit and deny

Hi Rechard,

Can you share the configuration of the VACL that you have deployed on the interface of each vlan?

Ganesh.H
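The `established` suggestion in the first reply can be checked with a small first-match model of an ACL on Vlan 20. This is an added example, not configuration posted by anyone in the thread; the /24 subnets, host addresses and the assumption that the ACL filters traffic sent by Vlan 20 hosts are constructed for illustration.

```python
import ipaddress

# Constructed addressing (assumption, not from the thread): one /24 per VLAN.
VLAN10 = ipaddress.ip_network("192.168.10.0/24")
VLAN20 = ipaddress.ip_network("192.168.20.0/24")
VLAN30 = ipaddress.ip_network("192.168.30.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

# ACE = (action, protocol, source, destination, established_only)
# Plain variant: deny ip VLAN20 -> VLAN10/VLAN30, then permit ip any any.
PLAIN_V20 = [
    ("deny", "ip", VLAN20, VLAN10, False),
    ("deny", "ip", VLAN20, VLAN30, False),
    ("permit", "ip", ANY, ANY, False),
]
# Variant with: permit tcp VLAN20 -> VLAN10 established, placed first.
ESTABLISHED_V20 = [("permit", "tcp", VLAN20, VLAN10, True)] + PLAIN_V20


def evaluate(acl, proto, src, dst, tcp_flags=frozenset()):
    """Return the action of the first matching ACE (implicit deny at the end)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, ace_proto, ace_src, ace_dst, established in acl:
        if ace_proto not in ("ip", proto):
            continue
        if src not in ace_src or dst not in ace_dst:
            continue
        # 'established' matches only TCP segments with ACK or RST set.
        if established and not (set(tcp_flags) & {"ACK", "RST"}):
            continue
        return action
    return "deny"


def demo():
    host20, host10 = "192.168.20.5", "192.168.10.7"  # constructed hosts
    return {
        # SYN/ACK answering a session that a VLAN 10 host opened
        "plain_reply": evaluate(PLAIN_V20, "tcp", host20, host10, {"SYN", "ACK"}),
        "est_reply": evaluate(ESTABLISHED_V20, "tcp", host20, host10, {"SYN", "ACK"}),
        # New connection attempt from VLAN 20 towards VLAN 10
        "est_new_syn": evaluate(ESTABLISHED_V20, "tcp", host20, host10, {"SYN"}),
        # ICMP echo reply: not TCP, so 'established' cannot match it
        "est_icmp_reply": evaluate(ESTABLISHED_V20, "icmp", host20, host10),
    }


if __name__ == "__main__":
    for case, action in demo().items():
        print(f"{case}: {action}")
```

In this model the ICMP case stays denied, so a ping from Vlan 10 into Vlan 20 still fails even with the `established` entry, because that keyword only inspects TCP flags.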
