ACLs doesnt work, trying to block ICMP in testlab
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2022 02:44 AM
Hi,
As title states, i'm trying to block WinServer19 from sending ICMP packets to PC1 in VLAN10. My lab looks like this:
In this picture it doesn't show, but there is a portchannel 2 between SRVACC and Core1, also a portchannel 1 between Core switches. On Core1, i configured this ACL:
When i first tried to apply it to portchannel 2, it wouldn't work, i was still able to ping from WinServer19, so i also applied it to G2/2 and G2/3.
From WinServer19, i can still ping PC1, Core1, google and whatever else i tried. Why is it not working?
- Labels:
-
Other Routing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2022 02:58 AM
where is VLAN50s gateway configured? map your ACL to VLAN50s gateway SVI in bound.
Good luck
KB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2022 03:02 AM
Yes of course, i totally missed that! Thank you! it works!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2022 03:06 AM
good. if it resolved the issue, please mark this as a solution.
Good luck
KB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2022 03:22 AM
if you run HSRP or GLBP then you must apply ACL in SVI in both Core.
