ip access-list extended vlan10
permit tcp 172.20.10.0 0.0.0.255 host 172.20.10.2 eq ftp
permit tcp 172.20.10.0 0.0.0.255 host 172.20.20.2 eq ftp
permit tcp 172.20.10.0 0.0.0.255 any eq www
ip access-list extended vlan20
permit tcp 172.20.20.0 0.0.0.255 host 172.20.20.2 eq ftp
permit tcp 172.20.20.0 0.0.0.255 any eq www
ip access-list extended vlan30
permit tcp 172.20.30.0 0.0.0.255 any
This is how I have my access list set up to allow FTP to each vlan/departments server's and the internet, but it doesn't seem to work in packet tracer. I'm a student working on my case study and i guess I just don't have a good grasp on ACL's yet. Vlan 10 is personal and needs to have ftp access to the internet, its server and accounts server, vlan 20 is accounts and just needs access to its own server, and vlan 30 is the it department and needs full access accross all networks, any help would be greatly appreciated.