07-26-2006 12:39 PM - edited 03-03-2019 04:14 AM
I have a stacked 3750 with 3 VLAN's. VLAN1 for management, VLAN 2 for the production network and VLAN 3 for test. I need to restrict HTTP from VLAN 3 to a few hosts in VLAN2. I've attached the configuration I am using. This does not seem to work. Any ideas on what I am doing wrong.
Solved! Go to Solution.
07-28-2006 06:53 AM
Rick
Thanks for the guidance. I finally got this right with help from the config that you sent.
I guess I did not state my requirements correctly. Clients in VLAN 3 need to be able to access all servers in VLAN 2 but need to only access few servers (like in your example) using http. Basically the intent is to block web (Intranet and Internet) access to VLAN3. VLAN2 is our gateway to the rest of the world.
This was the config used.
conf t
access-list 100 permit tcp 10.1.3.0 0.0.0.255 host 10.1.2.4 eq www
access-list 100 permit tcp 10.1.3.0 0.0.0.255 host 10.1.2.3 eq www
access-list 100 deny tcp 10.1.3.0 0.0.0.255 any eq www
access-list 100 permit ip any any
int vlan 3
ip access-group 100 in
end
Thanks
Clyde
07-28-2006 07:35 AM
Clyde
I am glad that we finally have found a solution for your question. Thanks for rating and for marking the question as solved. It makes the forum more useful when we can read about a question or a problem and can know that a solution was successful.
I encourage you to continue your participation in the forum.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide