Extended ACL inbound and outbound

TechBhole241
Level 1

Good morning friends,

I have created two extended ACLs for in and out of my int vlan and applied them under the int vlan for both directions, inbound and outbound. I have created the ACL entries like this.

For int vlan no. Out

1 permit ip 10.1.0.0 0.0.255.255 host 10.206.213.131

2 permit ip 10.1.0.0 0.0.255.255 host 10.206.213.132

For int vlan no. In

1 permit ip host 10.206.213.131 10.1.0.0 0.0.255.255

2 permit ip host 10.206.213.132 10.1.0.0 0.0.255.255 

After applying these ACLs for inbound and outbound under int vlan no., my problem is still not resolved. Can anyone help me solve my problem?

Thanks 

Mohan Singh
5 Replies

Hello,

Can you provide the full configuration of the switch? 

 

Keep in mind VLAN ACL rules

OUT - filters traffic going to devices IN that VLAN

IN - filters traffic coming OUT of that VLAN

 

Also, your instructions say the destination is the 10.0.0.0/8 network, whereas you have the 10.10.0.0/16 network configured in the ACL.

 

-David

Joseph W. Doherty
Hall of Fame

What network is the VLAN hosting?

Is there a current ACL?  If not, then all traffic should be permitted, i.e. you wouldn't need an ACL to permit any traffic.

If yes, you may need to add ACEs but we need to see the existing ACL.

These are the existing ACLs for user-related VLANs. Kindly check these and give me an appropriate solution for my problem.

Thank you 

Mohan Singh

What is this SW platform?

MHM

under VLAN54 have subnet 10.1.0.0/24

For int vlan no. IN

1 permit ip 10.1.0.0 0.0.255.255 host 10.206.213.131

2 permit ip 10.1.0.0 0.0.255.255 host 10.206.213.132

For int vlan no. OUT

1 permit ip host 10.206.213.131 10.1.0.0 0.0.255.255

2 permit ip host 10.206.213.132 10.1.0.0 0.0.255.255
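
Added example, not part of any poster's reply: a small Python model of first-match ACL evaluation with wildcard masks, run against the entries from this thread in both arrangements. It assumes the VLAN hosts sit in 10.1.0.0/24 as stated in the last reply, and that IN sees traffic sourced from VLAN hosts while OUT sees traffic routed toward them; `VLAN_HOST` is a constructed address and the function names are illustrative.

```python
import ipaddress

def ip(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_ace(line):
    """Parse '<action> ip <src> <dst>'; each side is 'host A', 'any' or 'A WILDCARD'."""
    action, _proto, *rest = line.split()
    sides = []
    while rest:
        if rest[0] == "host":
            side, rest = (ip(rest[1]), 0), rest[2:]
        elif rest[0] == "any":
            side, rest = (0, 0xFFFFFFFF), rest[1:]
        else:
            side, rest = (ip(rest[0]), ip(rest[1])), rest[2:]
        sides.append(side)
    return action, sides[0], sides[1]

def matches(addr, side):
    base, wildcard = side  # wildcard bits set to 1 are "don't care"
    return (ip(addr) | wildcard) == (base | wildcard)

def evaluate(acl, src, dst):
    """First matching ACE wins; anything unmatched hits the implicit deny."""
    for line in acl:
        action, s, d = parse_ace(line)
        if matches(src, s) and matches(dst, d):
            return action
    return "deny"

def check(in_acl, out_acl, vlan_host, server):
    """Verdicts for (host -> server through IN, server -> host through OUT)."""
    return evaluate(in_acl, vlan_host, server), evaluate(out_acl, server, vlan_host)

# Entries as first posted in the thread
POSTED_OUT = ["permit ip 10.1.0.0 0.0.255.255 host 10.206.213.131",
              "permit ip 10.1.0.0 0.0.255.255 host 10.206.213.132"]
POSTED_IN = ["permit ip host 10.206.213.131 10.1.0.0 0.0.255.255",
             "permit ip host 10.206.213.132 10.1.0.0 0.0.255.255"]
# Same entries with the directions exchanged, as in the last reply
SWAPPED_IN, SWAPPED_OUT = POSTED_OUT, POSTED_IN

VLAN_HOST = "10.1.0.25"  # constructed address inside 10.1.0.0/24 (assumption)
SERVER = "10.206.213.131"

if __name__ == "__main__":
    print("as posted:", check(POSTED_IN, POSTED_OUT, VLAN_HOST, SERVER))
    print("swapped:  ", check(SWAPPED_IN, SWAPPED_OUT, VLAN_HOST, SERVER))
```

Under these assumptions, the entries as first posted match nothing in either direction and fall through to the implicit deny, while the exchanged arrangement permits only the two listed hosts.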
