We are using VLAN routing at our company to connect to different VLANs from our management VLAN. Now we want the management VLAN to be able to talk to all the other VLANs, but all other VLANs not together. Explained briefly: host a is allowed to host b but host b should not be allowed to host a. Now I have created an ACL so VLAN 102 can't talk to VLAN 20, but then the ACL blocked the entire traffic between two hosts, which is not the intention. Does anyone have a solution for me? Here below is my config. It's a layer 3 switch.
Some help would be great!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan101
 ip address 10.10.20.1 255.255.255.0
!
interface Vlan102
 ip address 22.214.171.124 255.255.255.0
 ip access-group Drop_201 in
!
interface Vlan201
 ip address 10.20.0.1 255.255.255.192
!
interface Vlan205
 ip address 10.20.1.1 255.255.255.192
!
interface Vlan206
 ip address 10.20.1.65 255.255.255.192

ip access-list extended Drop_201
 permit icmp any any
 deny ip any 126.96.36.199 0.0.0.255 10.20.0.1 0.0.0.63
 permit ip any any
I tried what you suggested but it doesn't work. It blocks the entire traffic between VLANs and that's not right. It has to be that VLAN 10 can access VLAN 20 but VLAN 20 can't access VLAN 10, for example. Do you have other options for me?