Solved: Re: ACL not working

FabioLanza89974 · ‎02-15-2020

Hi,

I have three vlans: user, wireless, dmz. I want to prevent traffic from dmz to user and from dmz to wireless. I implemented these ACLs but it's not working. Traffic is still being allowed. Can you please let me know if I'm doing anything wrong?

ip access-list extended "dmz -> user"
deny ip 10.0.0.0 0.0.0.255 10.0.1.0 0.0.0.255 ace-priority 1
exit
ip access-list extended "dmz -> wireless"
deny ip 10.0.0.0 0.0.0.255 10.0.2.0 0.0.0.255 ace-priority 1
exit

Thanks,

Fabio

balaji.bandi · ‎02-16-2020

have you bind the ACL to VLAN ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Muhammad Awais Khan · ‎02-15-2020

Hi,

Did you apply it to interface at interface level command " Access-Group input dmz -> user ? If so which interface you applied ?

FabioLanza89974 · ‎02-16-2020

I am not very skilled with the CLI so I did everything via the GUI. I don't think that I applied it at interface level. If you share the command with me to try out via CLI I could execute it. Thanks.

Georg Pauwen · ‎02-16-2020

Hello,

whar device is this GUI screenshot from, which router/switch model ? Somewhere in the GUI there should be a 'Save' and/or 'Apply' button, make sure you have that checked...