Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN ACLs

I have seen this in this forum before but the answer did not solve my issue. I am trying to keep 3 student VLANs from accessing staff VLANs but allow staff to access the Student VLANs

Student VLANs

VLAN 100 10.100.0.0 /24

VLAN 101 10.101.0.0 /24

VLAN 102 10.102.0.0 /24

Staff VLANs

VLAN 5     192.168.5.0 /24

VLAN 240 192.168.9.0 /24

VLAN 10   192.168.10.0 /24

VLAN 250 192.168.11.0 /24

VLAN 291 192.168.12.0 /24

VLAN 425 192.168.16.0 /24

VLAN 50   192.168.50.0 /24

VLAN 99   192.168.99.0 /24

When I do something like this it stops the students from getting through but then I get knock out from communicating with their side (Test PC 10.102.0.20)

access-list 102 deny ip 10.102.0.0 0.0.0.255 192.168.0.0 0.0.255.255

access-list 102 permit ip 192.168.0.0 0.0.255.255 any

interface vlan 102

ip access-group 102 in

All Pings Drop going in both ways and I can no longer VNC into their PC

I am running all this on a 4510 (SupIV Version 15.0(2)SG7) switch acting as the Switch/Router gateway for all VLANs

Let me know if you need any more information and how I can go about this let me know please.

Thank you Stephen

114
Views
0
Helpful
0
Replies
CreatePlease login to create content