bnussbaum

Creating Access List for Vlan

Hi,
I would like to create an access list for VLAN 150. Here is what I would like to do. I would like to deny 192.168.0.0/23 from accessing 192.168.150.0/24. I would like to permit 192.168.1.39 to communicate with 192.168.150.0/24. This is a Cisco 3560g switch. From what I could find, I should be able to run the below commands:
ip access-list extended storage-vlan  deny 192.168.0.0 0.0.0.255 192.168.150.0 0.0.0.255 log
ip access-list extended storage-vlan  deny 192.168.1.0 0.0.0.255 192.168.150.0 0.0.0.255 log
ip access-list extended storage-vlan permit 192.168.1.39 0.0.0.255 192.168.150.0 0.0.0.255 log
ip access-list extended storage-vlan permit any any
This does not seem to get what I want, which is to allow only the 192.168.1.39 IP address access to VLAN 150.
alewis9777

Wouldn't you need to reorder your access list? Permit the host you want first, then deny its subnet.

ip access-list extended storage-vlan
 permit ip host 192.168.1.39 192.168.150.0 0.0.0.255 log
 deny ip 192.168.0.0 0.0.0.255 192.168.150.0 0.0.0.255 log
 deny ip 192.168.1.0 0.0.0.255 192.168.150.0 0.0.0.255 log
 permit ip any any
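
Added example (not part of the original thread): a small Python model of first-match ACL evaluation, run against the entry order from the question and the order from the reply above. It models only source/destination wildcard matching and the implicit deny; the function and variable names are hypothetical, the sample traffic is constructed, and the protocol and log keywords are left out.

```python
import ipaddress

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: a 1 bit means 'ignore this bit' when comparing."""
    care = ~_int(wildcard) & 0xFFFFFFFF
    return (_int(addr) & care) == (_int(base) & care)

def first_match(acl, src, dst):
    """Return (entry number, action) of the first matching entry.
    If nothing matches, the implicit deny applies and the number is None."""
    for n, (action, s_base, s_wc, d_base, d_wc) in enumerate(acl, start=1):
        if wildcard_match(src, s_base, s_wc) and wildcard_match(dst, d_base, d_wc):
            return n, action
    return None, "deny"

ANY = ("0.0.0.0", "255.255.255.255")
VLAN150 = ("192.168.150.0", "0.0.0.255")

# Entry order from the question (denies first, host entry with a /24 wildcard).
QUESTION_ORDER = [
    ("deny", "192.168.0.0", "0.0.0.255", *VLAN150),
    ("deny", "192.168.1.0", "0.0.0.255", *VLAN150),
    ("permit", "192.168.1.39", "0.0.0.255", *VLAN150),
    ("permit", *ANY, *ANY),
]
# Entry order from the reply ("host 192.168.1.39" is wildcard 0.0.0.0).
REPLY_ORDER = [
    ("permit", "192.168.1.39", "0.0.0.0", *VLAN150),
    ("deny", "192.168.0.0", "0.0.0.255", *VLAN150),
    ("deny", "192.168.1.0", "0.0.0.255", *VLAN150),
    ("permit", *ANY, *ANY),
]

if __name__ == "__main__":
    # Constructed sample traffic: (source, destination)
    samples = [("192.168.1.39", "192.168.150.10"),
               ("192.168.1.40", "192.168.150.10"),
               ("192.168.0.5", "192.168.150.10"),
               ("192.168.1.40", "10.0.0.1")]
    for src, dst in samples:
        print(src, "->", dst,
              "| question order:", first_match(QUESTION_ORDER, src, dst),
              "| reply order:", first_match(REPLY_ORDER, src, dst))
```

In the question's order, 192.168.1.39 is caught by the second deny before its permit is ever reached, and the 0.0.0.255 wildcard on that permit would match the whole 192.168.1.0/24 rather than the single host.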