Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
448
Views
0
Helpful
2
Replies

ACL

aksher
Level 1
Level 1

‎04-23-2008 10:35 PM - edited ‎02-20-2020 09:40 PM

Can an inbound ACL have an ip range as source which does not belong to that VLAN?

Labels:
0 Helpful
2 Replies 2

gojericho0
Level 1
Level 1

‎04-24-2008 05:15 AM

Yes, but it will have to be an extended ACL

Lets say your VLAN range is 192.168.1.0/24 you can create a ACL targeted for a different network

Router(config)# access-list 101 allow ip 192.168.2.0 0.0.0.255 any

This would allow any traffic from 192.168.2.0/24

You could then place this access list on the SVI of your VLAN

Router(config-if)#ip access-group 101 in

0 Helpful

acomiskey
Level 10
Level 10
In response to gojericho0

‎04-24-2008 06:24 AM

The only source addresses from that vlan would be 192.168.1.0/24 when the acl is applied in.

int vlan 10

ip addr 192.168.1.1

ip access-group 101 in

If it were applied "out", then the source could be any.

0 Helpful
Customers Also Viewed These Support Documents