Re: Access control List between VLANs on Cisco 3560G switch

dchavarria · ‎10-21-2010

I

need your help.

I have a switch 3560G with two VLANS (VLAN 30 - PC's and VLAN 10 - SERVERS's), I need that only 5 PC's on vlan 30 access to a Server in vlan 10, but the rest of PC's included de 5 PC's on vlan 30 access to the rest of Servers on VLAN 10, thank you

Jon Marshall · ‎10-21-2010

dchavarria wrote:

I

need your help.

I have a switch 3560G with two VLANS (VLAN 30 - PC's and VLAN 10 - SERVERS's), I need that only 5 PC's on vlan 30 access to a Server in vlan 10, but the rest of PC's included de 5 PC's on vlan 30 access to the rest of Servers on VLAN 10, thank you

5 PCs = 192.168.5.10 -> 14

server = 192.168.10.10

access-list 101 permit ip host 192.168.5.10 host 192.168.10.10 (note i have used permit ip but you can limit to TCP/UDP ports if you want)

access-list 101 permit ip host 192.168.5.11 host 192.168.10.10

access-list 101 permit ip host 192.168.5.12 host 192.168.10.10

access-list 101 permit ip host 192.168.5.13 host 192.168.10.10

access-list 101 permit ip host 192.168.5.14 host 192.168.10.10

access-list 101 deny ip 192.168.5.0 0.0.0.255 host 192.168.10.10

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

int vlan 30

ip access-group 101 in

Jon