03-03-2008 12:35 AM - edited 03-05-2019 09:29 PM
Hi
I want to make access list that from one vlan (Vlan10) out my 8 vlan can acess only two servers form server vlan (vlan 2)that are DHCP (IP x.x.x.10 )and proxy server (IP x.x.x.14:8088) so that the users from that vlan can get only access internet and get IP .Can anybody help me
Thanks Frds
JD
03-03-2008 01:00 AM
if i understand you correctly, you want users in VLAN10 to get IP addresses and should be able to access only internet and proxy server.
For this you can try something like this
access-list 100 permit udp any any eq 67
access-list 100 permit udp any any eq 68
access-list 100 permit ip
access-list 100 permit ip
interface vlan 10
ip access-group 100 in
HTH
Narayan
03-03-2008 01:04 AM
Thanks Narayan
yes you understood, what i want thanks for your help i will try and let you know about the result
03-03-2008 01:38 AM
i have already applied 101 list as in
i think i should aplly it "out" instead of " in" , and will it requie some changes
for that
interface vlan 10
ip access-group 101 in
03-03-2008 01:40 AM
For out you need to use ip access-group 101 out
But in your case inbound access-list would make more sense
Narayan
03-03-2008 02:52 AM
Thaks for your precious time Sir
Can we apply more than one inbound
Access lists on an interface
Like
interface vlan 10
ip access-group 101 in
ip access-group 102 in
Regards
JD
03-03-2008 02:54 AM
No..you can have only one inbound and one outbound access-list applied to an interface
int vlan 10
ip access-group 101 in
ip access-group 102 out
Narayan
03-03-2008 03:21 AM
so Sir can a apply like this
access-list 100 permit udp any any eq 67
access-list 100 permit udp any any eq 68
access-list 100 permit ip
access-list 100 permit ip
interface vlan 10
ip access-group 100 out
or should i apply
access-list 10 permit
access-list 10 permit
access-list 10 deny any
interface vlan 10
ip access-group 10 out
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide