I want to separate my network, i have 2 vlans 10.76.0.0 and 172.16.0.0, I don't want them to be able to ping or communicate with each other. I am currently able to ping ex: computer 10.76.2.30 can ping 172.16.32.1, we need to separate them and not allow them to talk at all. This is the access list I currently have configured
ip access-list standard 50
10 permit 192.168.0.0 0.0.255.255
20 permit 10.76.0.0 0.0.0.255
30 permit 10.233.4.0 0.0.1.255
40 permit 10.243.4.0 0.0.1.255
ip access-list extended 101
10 deny ip any 172.16.0.0 0.0.255.255
20 permit ip any any
and here is show ver on the switch
Cisco IOS XE Software, Version 16.12.03a
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Versi on 16.12.3a, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2020 by Cisco Systems, Inc.
Compiled Tue 28-Apr-20 09:37 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2020 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 16.12.2r, RELEASE SOFTWARE (P)
HQ_9300 uptime is 1 year, 1 week, 4 days, 16 hours, 29 minutes
Uptime for this control processor is 1 year, 1 week, 4 days, 16 hours, 30 minute s
System returned to ROM by PowerOn at 12:53:02 UTC Mon Aug 17 2020
System image file is "flash:packages.conf"
Last reload reason: PowerOn
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
------------------------------------------------------------------------------
Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------------------
network-advantage Smart License network-advantage
dna-advantage Subscription Smart License dna-advantage
AIR License Level: AIR DNA Advantage
Next reload AIR license Level: AIR DNA Advantage
Smart Licensing Status: REGISTERED/AUTHORIZED
cisco C9300-48P (X86) processor with 1343703K/6147K bytes of memory.
Processor board ID FJC2428T0DK
3 Virtual Ethernet interfaces
52 Gigabit Ethernet interfaces
8 Ten Gigabit Ethernet interfaces
2 TwentyFive Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
8388608K bytes of physical memory.
1638400K bytes of Crash Files at crashinfo:.
11264000K bytes of Flash at flash:.
0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address :
Motherboard Assembly Number : 73-18274-05
Motherboard Serial Number :
Model Revision Number : A0
Motherboard Revision Number : A0
Model Number : C9300-48P
System Serial Number :
Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 65 C9300-48P 16.12.3a CAT9K_IOSXE INSTALL
Configuration register is 0x102
