cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
736
Views
0
Helpful
4
Replies

ACLs doesnt work, trying to block ICMP in testlab

trane.m
Level 1
Level 1

Hi,

As title states, i'm trying to block WinServer19 from sending ICMP packets to PC1 in VLAN10. My lab looks like this:

tranem_0-1671446399415.png

In this picture it doesn't show, but there is a portchannel 2 between SRVACC and Core1, also a portchannel 1 between Core switches. On Core1, i configured this ACL:

tranem_1-1671446434602.png

When i first tried to apply it to portchannel 2, it wouldn't work, i was still able to ping from WinServer19, so i also applied it to G2/2 and G2/3.

tranem_2-1671446523728.png

From WinServer19, i can still ping PC1, Core1, google and whatever else i tried. Why is it not working?

4 Replies 4

where is VLAN50s gateway configured? map your ACL to VLAN50s gateway SVI in bound.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

Yes of course, i totally missed that! Thank you! it works!

good. if it resolved the issue, please mark this as a solution.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

if you run HSRP or GLBP then you must apply ACL in SVI in both Core.

Review Cisco Networking for a $25 gift card