Hi Guys,

I am confused I am trying to configure vlan access list in cisco 3750. But it is not working. Software version is C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(44)SE.

Following is the configuration I tried and it was working in cisco 6500 , but not in 3750 Please help me.

1. inter vlan 211

Description Sharepoint_vlan_public

ip address 10.3.211.1 255.255.255.0

ip access-group Sharepoint1 in

ip access-group sharepoint2 out

no ip redirects

no ip unreachables

2. Access-list to access Vlan 3 and vlan 210 from vlan 211

ip access-list extended Sharepoint1

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 135

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 1025

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 1026

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 389

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 445

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 139

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 53

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 13255

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 138

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 53

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 135

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 1025

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 1026

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 389

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 445

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 139

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 53

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 13255

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 138

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 53

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.161 eq 25

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.46 eq 1433

3. This access-list is for management purpose and return traffic

ip access-list extended Sharepoint2

permit ip 10.3.6.121 0.0.0.0 10.3.211.0 0.0.0.255

permit ip 10.3.6.161 0.0.0.0 10.3.211.0 0.0.0.255

permit ip 10.3.210.46 0.0.0.0 10.3.211.0 0.0.0.255

permit ip 10.3.210.121 0.0.0.0 10.3.211.0 0.0.0.255

permit ip 10.3.140.0 0.0.0.255 10.3.211.0 0.0.0.255

and also I tried VLAN ACL same result which is not working.

vlan access-map sharepoint 10

action forward

match ip address sharepoint

!

vlan filter sharepoint vlan-list 211

ip access-list extended sharepoint

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 135

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 1025

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 1026

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 389

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 445

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 139

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq domain

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq 13255

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq netbios-dgm

permit udp 10.3.211.0 0.0.0.255 host 10.3.6.121 eq domain

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 135

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 1025

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 1026

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 389

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 445

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 139

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq domain

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq 13255

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq netbios-dgm

permit udp 10.3.211.0 0.0.0.255 host 10.3.210.121 eq domain

permit tcp 10.3.211.0 0.0.0.255 host 10.3.6.161 eq smtp

permit tcp 10.3.211.0 0.0.0.255 host 10.3.210.46 eq 1433

permit ip host 10.3.6.121 10.3.211.0 0.0.0.255

permit ip host 10.3.6.161 10.3.211.0 0.0.0.255

permit ip host 10.3.210.46 10.3.211.0 0.0.0.255

permit ip host 10.3.210.121 10.3.211.0 0.0.0.255

permit ip 10.3.140.0 0.0.0.255 10.3.211.0 0.0.0.255

Please help me to fix the same.

Thanks in advance.

!