Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1383
Views
0
Helpful
2
Replies

ACL Question

Go to solution
Master Blaster
Level 1
Level 1

ā€Ž03-12-2017 04:30 AM - edited ā€Ž03-05-2019 08:11 AM

Hello All,

I really need your support to resolve this issue 

Please refer the diagram and config

I need to stop Branch office to  access Head office Subnet  192.168.0.1/24

Also Head office VLAN 20 (192.168.0.1/24) should have  internet access only . (No VLAN 10 or  branch Office network).

Both Branch office and VLAN 20 in head office in same IP range and currently branch office can access Head office VLAN 20 .

I really cannot find a way to stop branch office  accessing  HO VLAN 20

Many Thanks

Labels:
Preview file
28 KB
Preview file
2 KB
Preview file
2 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

ā€Ž03-12-2017 04:54 AM

Hi,

ACL can be applied either in IN or OUT direction both have there own significance...

Inbound refers to packets coming in to the interface.

Outbound refers to packets going out from the interface.

Lets see example ..

PC-->fa0/0 (R1) Fa0/11 -->R2

So if PC is connected to R1 (we will assume interface Fa0/0) and R1's connection to R2 is using interface Fa0/11 the traffic flow for your ping packet would be;

Packet comes in to interface Fa0/0 on R1 from PC. Packet goes out from R1 to R2 on interface Fa0/11.

So as you can think and apply the ACL based on your traffic flow ..

Hope it Helps..

-GI

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

ā€Ž03-12-2017 04:54 AM

Hi,

ACL can be applied either in IN or OUT direction both have there own significance...

Inbound refers to packets coming in to the interface.

Outbound refers to packets going out from the interface.

Lets see example ..

PC-->fa0/0 (R1) Fa0/11 -->R2

So if PC is connected to R1 (we will assume interface Fa0/0) and R1's connection to R2 is using interface Fa0/11 the traffic flow for your ping packet would be;

Packet comes in to interface Fa0/0 on R1 from PC. Packet goes out from R1 to R2 on interface Fa0/11.

So as you can think and apply the ACL based on your traffic flow ..

Hope it Helps..

-GI

0 Helpful

Go to solution
Master Blaster
Level 1
Level 1
In response to Ganesh Hariharan

ā€Ž03-12-2017 06:11 AM

Hello Thanks for the reply.

I still in trouble to applying the correct ACL as both Branch office and Head office subents are same numbers. (192.18.0.0/24

the real issue is 

Branch office has a IP telephone box and the IP address assigned to the IP PBX is 192.168.0.10

and Head office VLAN 20 also has another PC or server assigned  with Same IP address .(cannot change this )

I recently configured VLAN 20 in HO router and  suddenly  IP phone system stopped working as 

when Branch office IP PBX transferred a call to head office ,the head office router start forwarding traffic in 192.168.0.10 in VLAN to instead of talking to the branch office IP pbx .(simply couldn't find the correct destination)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card