Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
10
Helpful
3
Replies

how to filter traffic from VLAN 10 to VLAN 20, but allow traffic from VLAN 20 to VLAN 10??

marinarios
Level 1
Level 1

‎11-08-2015 01:14 AM - edited ‎03-08-2019 02:36 AM

Hi everyone, i have a doubt...

I have vlan 10 and vlan 20

I want filter traffic from VLAN 10 to VLAN 20, but allow traffic from VLAN 20 to VLAN 10...

Do I need to use acl or vacl?

Thanks

Labels:
0 Helpful
3 Replies 3

paul driver
VIP
VIP

‎11-08-2015 01:30 AM

Hello

For tcp traffic -You can use a SVI acl to accomplish this:


Example:
vlan 10= 10.10.10.10.0/24
vlan 20= 20.20.20.0.0/24

 
Ip access-list extended Stan
permit tcp 10.10.10.0 0.0.0.255 any established
deny tcp 10.10.10.0 0.0.0.255 any
permit ip any any


int vlan 20
Ip access-group Stan out

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

marinarios
Level 1
Level 1
In response to paul driver

‎11-08-2015 02:11 AM

Thanks Paul Driver

0 Helpful

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎11-08-2015 04:29 AM

Hello Marinarios,

As suggested by Paul , You can apply ACL on SVI to allow or deny traffic for specifc VLAN.

Have a look on the below link for basic of ACL for more clarity.

ACL Basics

Hope it Helps..

-GI

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card