Hi All
I have one 3750 switch and many 2960 c switches
I use one ASA 5510 to reach the remote branch site (VPN connection)
I use one 1841 router for the Internet connection
The 1841 router, the ASA and the Catalyst 2960 switches are connected to the 3750
The default gateway of all users is the ASA IP
I configured the VLANs on the 3750 and it works
Now I need to implement security: permit/block specific traffic between VLANs
interface Vlan53
ip address 192.168.13.126 255.255.255.224
ip helper-address 192.168.1.29
interface Vlan120
ip address 192.168.1.126 255.255.255.192
ip helper-address 192.168.1.29
Objective of my configuration:
Vlan 120 should have full access to Vlan 53, and Vlan 53 should be blocked from Vlan 120
All other traffic on the 2 VLANs should be permitted
See below the configuration that I made for these 2 VLANs
ip access-list extended VLAN_120_IN
deny ip any 192.168.13.126 0.0.0.31
permit ip any any
interface vlan 120
ip access-group VLAN_120_IN in
Result:
From vlan 72 I cannot get remote access to a computer in vlan 34 and I cannot ping a computer in vlan 34
My configuration does not work
Please help
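
Added example, not part of the original post: a minimal Python model of first-match extended-ACL evaluation with wildcard masks, run over the ACL and interface binding posted above to compare them with the stated objective. It assumes traffic between the two VLANs is routed through the 3750 SVIs; the host addresses and helper names are constructed for illustration.

```python
import ipaddress

def ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_ace(line):
    """Parse 'permit|deny ip <src> <dst>'; each side is 'any' or '<addr> <wildcard>'."""
    action, proto, *rest = line.split()
    if action not in ("permit", "deny") or proto != "ip":
        raise ValueError("unsupported entry: " + line)
    sides = []
    while rest:
        if rest[0] == "any":
            sides.append((0, 0xFFFFFFFF))      # every bit is "don't care"
            rest = rest[1:]
        else:
            sides.append((ip(rest[0]), ip(rest[1])))
            rest = rest[2:]
    if len(sides) != 2:
        raise ValueError("expected source and destination: " + line)
    return action, sides[0], sides[1]

def matches(addr, side):
    base, wildcard = side
    care = ~wildcard & 0xFFFFFFFF              # wildcard 0-bits must match
    return (ip(addr) & care) == (base & care)

def evaluate(acl, src, dst):
    for action, src_side, dst_side in acl:     # first match wins
        if matches(src, src_side) and matches(dst, dst_side):
            return action
    return "deny"                              # implicit deny at the end

# The ACL and binding as posted: VLAN_120_IN applied inbound on interface Vlan120.
VLAN_120_IN = [parse_ace(l) for l in ("deny ip any 192.168.13.126 0.0.0.31",
                                      "permit ip any any")]
INBOUND = {"Vlan120": VLAN_120_IN}

def inbound(svi, src, dst):
    """Verdict for a packet entering the switch on `svi` (no ACL bound: permit)."""
    acl = INBOUND.get(svi)
    return evaluate(acl, src, dst) if acl is not None else "permit"

def session(client, client_svi, server, server_svi):
    """(request verdict, reply verdict) for a two-way exchange between VLANs."""
    return inbound(client_svi, client, server), inbound(server_svi, server, client)

if __name__ == "__main__":
    h120, h53 = "192.168.1.70", "192.168.13.100"   # constructed host addresses
    print("Vlan120 -> Vlan53:", session(h120, "Vlan120", h53, "Vlan53"))
    print("Vlan53 -> Vlan120:", session(h53, "Vlan53", h120, "Vlan120"))
```

In this model the posted ACL denies the request from Vlan120 to Vlan53 and also the reply to a session opened from Vlan53, because a plain extended ACL filters each packet independently of the session it belongs to.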