04-05-2006 06:39 AM - edited 03-03-2019 02:40 AM
Hi,
i wanted to put access-list on my 3750 switch, requirement is, 192.168.16.0/24 should be accessed by 10.2.1.0/24 & 10.2.9.0/24 should not access 192.168.16.0/24, where as 10.2.1.0/24 shoule access both 192.168.16.0/24 & 10.2.9.0/24.
vlan2
192.168.16.1/24
vlan3
10.2.1.1/24
vlan4
10.2.9.1/24
04-05-2006 07:16 AM
Hi,
u apply the followng on vlan4,
(conf)access-list 100 deny ip 10.2.9.0 0.0.0.255 192.168.16.0 0.0.0.255
(conf)access-list 100 permit ip any any
(conf)int vlan 4
ip access-group 100 out
u apply this on vlan2,
(conf)access-list 101 permit ip 10.2.1.0 0.0.0.255 192.168.16.0 0.0.0.255
(conf)int vlan 2
ip access-group 101 in
The a bove will fill full ur requirment, remember u didn't mention that Subnet 10.2.1.0/24 has any access restrictions.
pls rate the post if it helps,
Mohamed
04-05-2006 08:39 AM
Thanks for the information, will try this
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: