04-13-2014 03:48 AM - edited 03-04-2019 10:47 PM
I am providing the internet to different outside client, I want to allow only internet access and ristrict to server vlan
my server vlan is 192.168.205.0
vlan for client 10.1.13.0 vlan 700
Client network 192.168.121.0
i have created the following access list:
10 deny ip 192.168.121.0 0.0.0.255 192.168.0.0 0.0.255.255
20 permit ip 192.168.121.0 0.0.0.255 any
route-map EK permit 10
match ip address EK
set ip next-hop 192.168.221.10
Applied to the client vlan 700
Traffic is matched with access list
Extended IP access list EK
10 deny ip 192.168.121.0 0.0.0.255 192.168.0.0 0.0.255.255 (3 matches)
20 permit ip 192.168.121.0 0.0.0.255 any (3 matches)
but client still able to access my server vlan
What should i do
Solved! Go to Solution.
04-14-2014 02:43 AM
Dear imranaman,
If you want to deny user to access web server and may remain use internet, there is no need for route-map just apply access-list on interface that directly connected with user VLAN.
Don't forget to rate helpful posts.
Sajid Ali Pathan
04-14-2014 02:43 AM
Dear imranaman,
If you want to deny user to access web server and may remain use internet, there is no need for route-map just apply access-list on interface that directly connected with user VLAN.
Don't forget to rate helpful posts.
Sajid Ali Pathan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide