I have a network 172.16.100.0 that I would like to deny from accessing all of the other networks. The device is a Cisco 3700 series.
Currently, for VLAN 100 (network 100.0), I have the following applied to the incoming sub-interface:
access-list 110 permit ip 172.16.100.0 0.0.0.255 any
access-list 110 deny ip any any
The problem is my systems on the other networks, i.e. 172.16.10.0, can still talk to 100.0 and vice versa.
Here's an example ACL from one of the other interfaces.
access-list 103 deny ip 172.16.2.0 0.0.0.255 any
access-list 103 deny ip 10.0.0.0 0.0.15.255 any
access-list 103 deny ip 172.16.3.0 0.0.0.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
How can I stop 172.16.100.0 from accessing the other networks?
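
An added example, not part of the original post: a small Python model of first-match ACL evaluation with wildcard masks, run over the post's access-list 110 to show which line decides a packet from VLAN 100. `ACL_110_ALT` is a hypothetical variant that assumes the other internal networks all fall inside 172.16.0.0/16; the test addresses are constructed.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_ace(line):
    """Parse 'access-list N permit|deny ip SRC DST' into (action, src, dst)."""
    tok = line.split()[2:]                 # drop 'access-list N'
    action, specs, i = tok[0], [], 2       # tok[1] is the protocol ('ip')
    while i < len(tok):
        if tok[i] == "any":                # any = every bit is "don't care"
            specs.append((0, 0xFFFFFFFF)); i += 1
        elif tok[i] == "host":             # host = every bit must match
            specs.append((_ip(tok[i + 1]), 0)); i += 2
        else:                              # address followed by wildcard mask
            specs.append((_ip(tok[i]), _ip(tok[i + 1]))); i += 2
    return action, specs[0], specs[1]

def matches(spec, addr):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF          # bits set to 0 in the wildcard must match
    return (_ip(addr) & care) == (base & care)

def evaluate(acl, src, dst):
    """Return (action, matching line number); the first matching line wins."""
    for n, line in enumerate(acl, 1):
        action, s, d = parse_ace(line)
        if matches(s, src) and matches(d, dst):
            return action, n
    return "deny", None                    # implicit deny at the end of every ACL

# ACL 110 exactly as posted (applied inbound on the VLAN 100 sub-interface).
ACL_110 = [
    "access-list 110 permit ip 172.16.100.0 0.0.0.255 any",
    "access-list 110 deny ip any any",
]
# Hypothetical variant (assumption): deny internal destinations before the permit.
ACL_110_ALT = [
    "access-list 110 deny ip 172.16.100.0 0.0.0.255 172.16.0.0 0.0.255.255",
    "access-list 110 permit ip 172.16.100.0 0.0.0.255 any",
]

if __name__ == "__main__":
    for name, acl in (("posted", ACL_110), ("variant", ACL_110_ALT)):
        for dst in ("172.16.10.5", "8.8.8.8"):   # constructed destinations
            print(name, "172.16.100.5 ->", dst, evaluate(acl, "172.16.100.5", dst))
```

Because `any` as the destination in line 1 of the posted list also covers 172.16.10.0, every packet sourced from 172.16.100.0/24 is permitted before the `deny ip any any` line is reached.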