Hello,

I have the Vlan configuration similar to this .We have hosted very critical servers in Vlan2 and these servers should be accessible for the users who are in Vlan2 and vlan 20 only. I want to create a access list in such a way that , users in other Vlan's (other than Vlan 2 and 20) should not able to access the resources (severs) in Vlan 2 and users in Vlan2 should not access the resources in other Vlans except Vlan 20.

Thanks

Raju

interface Vlan1

ip address 10.1.0.24 255.255.0.0

standby preempt

standby 1 ip 10.1.0.25

standby 1 priority 110

!

interface Vlan2

ip address 10.44.2.1 255.255.255.0

description **** Business ctitical servers ###

!

interface Vlan3

ip address 10.44.3.2 255.255.255.0

standby preempt

standby 3 ip 10.44.3.1

standby 3 priority 110

!

interface Vlan4

description **** Operation dept ****

ip address 10.44.4.2 255.255.255.0

ip helper-address 10.44.20.50

standby preempt

standby 4 ip 10.44.4.1

standby 4 priority 110

!

interface Vlan5

description ### Servers Vlan ###

ip address 10.44.1.2 255.255.255.0

standby preempt

standby 5 ip 10.44.1.1

standby 5 priority 110

!

interface Vlan6

description ***IMPLEMENTATION VLAN***

ip address 10.44.6.2 255.255.255.0

ip helper-address 10.44.20.50

standby preempt

standby 6 ip 10.44.6.1

standby 6 priority 110

!

interface Vlan7

ip address 10.44.7.1 255.255.255.0

!

interface Vlan8

ip address 10.44.8.1 255.255.255.0

!

interface Vlan9

ip address 10.44.9.2 255.255.255.0

standby preempt

standby 9 ip 10.44.9.1

standby 9 priority 110

!

interface Vlan10

ip address 10.44.10.1 255.255.255.0

!

interface Vlan11

description ***TRAINING VLAN ***

ip address 10.44.11.2 255.255.255.0

ip helper-address 10.44.20.50

ip accounting output-packets

standby preempt

standby 11 ip 10.44.11.1

standby 11 priority 110

interface Vlan20

description ***TI-VLAN***

ip address 10.44.20.2 255.255.255.0

ip helper-address 10.44.20.50

standby preempt

standby 20 ip 10.44.20.1

standby 20 priority 110

!