Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
896
Views
0
Helpful
1
Replies

ACL on SVI

jagdev.dhaliwal
Level 1
Level 1

‎09-21-2012 01:29 AM - edited ‎02-21-2020 04:44 AM

Hi All,

I  have two vlans on Switch with SVIs, One is Server vlan (Vlan 10) other  is User vlan (Van 20), Now i want to just allow SSH/WEB traffice from  Server and RST/ACK  for outgoing traffic from Server Vlan.

Please find the config for vlans

Vlan 10

ip add 10.10.10.1  255.255.255.0

Vlan 20

ip add  20.20.20.1 255.255.255.0

ip access-list extended VLAN10-SSH/WEB-IN

permit tcp 20.20.20.0 0 0.0.255 10.10.10.0 0.0.0.255 eq 22
permit tcp 20.20.20.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 80
permit tcp 20.20.20.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 443

ip access-list extended VLAN10-RST/ACK-OUT

permit tcp any any established

i want to apply on server vlan (Vlan10)

int vlan 10

ip access-group VLAN10-SSH/WEB-IN -- ?? - what should be direction

ip access-group  VLAN10-RST/ACK-OUT -- ??  what should be direction

Thansk in advance

Jagdev

0 Helpful
1 Reply 1

Tejas Sheth
Level 1
Level 1

‎09-27-2012 01:19 AM

hey!! apply ssh/web-in in the inbound direction & ack/out rule in the outound direction!!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card