Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
509
Views
12
Helpful
3
Replies

access lists

carl_townshend
Spotlight
Spotlight

‎04-28-2006 01:48 PM - edited ‎03-05-2019 11:52 AM

If I have an ethernet interface with a primary and secondary ip on it, Can I put an access list on this prevent certain ip's from one subnet seeing the other, and would I have to apply this both ways ?

Labels:
0 Helpful
3 Replies 3

vladrac-ccna
Level 5
Level 5

‎04-28-2006 08:26 PM

Hello Carl,

I'll respond if you promisse to rate the post!

Just kidding,

ok , you can do and yes, both ways.

interface FastEthernet0/1

ip address 10.10.2.1 255.255.255.0 secondary

ip address 10.10.1.1 255.255.255.0

ip access-group 100 in

ip access-group 100 out

access-list 100 deny ip 10.10.1.0 0.0.0.255 10.10.2.0 0.0.0.255

access-list 100 permit ip any any

that will do

HTH,

please rate this post if it does.

Vlad

carl_townshend
Spotlight
Spotlight
In response to vladrac-ccna

‎04-29-2006 05:32 PM

Thankyou, how come you have to apply it both ways ?

vladrac-ccna
Level 5
Level 5
In response to carl_townshend

‎04-29-2006 06:10 PM

As a matter of fact you dont!

just choose put it in

ip access-group 100 in

Thank you for bringing it to my attention.

Vlad

0 Helpful
Customers Also Viewed These Support Documents