Hi, I'm wonder about ACL.
I want to make 2 ACL.
1. Guest vlan can access only Internet.(to 192.168.2.2 = Firewall IP)
2. Then Guest vlan cannot access any other vlans.
3. Any other vlans cannot access Guest vlan.
1. Server vlan can accessed by only Employee vlan.
2. Any other vlans cannot access the Server vlan.
Is it right? Please cheak my ACL Example...^^
V1(Device) 192.168.0.1/24V2(Employee) 192.168.10.1/24V3(Server) 192.168.100.1/24V4(Guest) 172.16.0.1/16V5(FM) 192.168.1.1/24V6(Serial) 192.168.2.1/24
ip access-list extended Vlan4permit ip 172.16.0.1 0.0.255.255 192.168.2.1 0.0.0.255 logdeny ip 172.16.0.1 0.0.255.255 192.168.0.1 0.0.255.255 logpermit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255exitvlan 4ip access-group vlan4 out
ip access-list extended Vlan3permit ip 192.168.10.1 0.0.0.255 192.168.100.1 0.0.0.255 logdeny ip 192.168.0.1 0.0.255.255 192.168.100.1 0.0.0.255 logdeny ip 172.16.0.1 0.0.255.255 192.168.100.1 0.0.0.255 log(=don't need? Because ACL1 included?)permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255exitvlan 3ip access-group vlan3 in
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.