Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
724
Views
0
Helpful
4
Replies

ACLs doesnt work, trying to block ICMP in testlab

trane.m
Level 1
Level 1

‎12-19-2022 02:44 AM

Hi,

As title states, i'm trying to block WinServer19 from sending ICMP packets to PC1 in VLAN10. My lab looks like this:

tranem_0-1671446399415.png

In this picture it doesn't show, but there is a portchannel 2 between SRVACC and Core1, also a portchannel 1 between Core switches. On Core1, i configured this ACL:

tranem_1-1671446434602.png

When i first tried to apply it to portchannel 2, it wouldn't work, i was still able to ping from WinServer19, so i also applied it to G2/2 and G2/3.

tranem_2-1671446523728.png

From WinServer19, i can still ping PC1, Core1, google and whatever else i tried. Why is it not working?

Labels:
0 Helpful
4 Replies 4

Kasun Bandara
VIP
VIP

‎12-19-2022 02:58 AM

where is VLAN50s gateway configured? map your ACL to VLAN50s gateway SVI in bound.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

trane.m
Level 1
Level 1
In response to Kasun Bandara

‎12-19-2022 03:02 AM

Yes of course, i totally missed that! Thank you! it works!

0 Helpful

Kasun Bandara
VIP
VIP

‎12-19-2022 03:06 AM

good. if it resolved the issue, please mark this as a solution.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

MHM Cisco World
VIP
VIP

‎12-19-2022 03:22 AM

if you run HSRP or GLBP then you must apply ACL in SVI in both Core.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card