Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Access-List doubt

Hi,

i wanted to put access-list on my 3750 switch, requirement is, 192.168.16.0/24 should be accessed by 10.2.1.0/24 & 10.2.9.0/24 should not access 192.168.16.0/24, where as 10.2.1.0/24 shoule access both 192.168.16.0/24 & 10.2.9.0/24.

vlan2

192.168.16.1/24

vlan3

10.2.1.1/24

vlan4

10.2.9.1/24

2 REPLIES

Re: Access-List doubt

Hi,

u apply the followng on vlan4,

(conf)access-list 100 deny ip 10.2.9.0 0.0.0.255 192.168.16.0 0.0.0.255

(conf)access-list 100 permit ip any any

(conf)int vlan 4

ip access-group 100 out

u apply this on vlan2,

(conf)access-list 101 permit ip 10.2.1.0 0.0.0.255 192.168.16.0 0.0.0.255

(conf)int vlan 2

ip access-group 101 in

The a bove will fill full ur requirment, remember u didn't mention that Subnet 10.2.1.0/24 has any access restrictions.

pls rate the post if it helps,

Mohamed

Re: Access-List doubt

Thanks for the information, will try this

111
Views
0
Helpful
2
Replies