Campus Switching and Routing

Reply
Highlighted
New Contributor

Access Lists

I want to prevent a vlan on the switch from being able to talk to other vlans, below is what I thought was the solution, but it denies traffic to all. I want to deny to all apart from one vlan (172.16.10.0)

 

ip access-list extended "101"
     10 permit ip 172.16.20.0 255.255.255.0 172.16.10.0 255.255.255.0
     20 deny ip 172.16.20.0 255.255.255.0 172.16.0.0 255.255.0.0

 

 

vlan 207
   name "Test"
   ip access-group "101" out
   ip address 172.16.20.1 255.255.255.0

New Contributor

Re: Access Lists

incase anyone is interested, I solved.

 

I got my subnets wrong. should have been 0.0.0.255 not 255.255.255.0

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: