AMTPJ_IT
asked on
ACL on Cisco 3750 to allow VLAN1 to access only 1 host on VLAN2
Hi,
I have created a new VLAN on my 3750 switch and I need following:
VLAN 1 (192.168.90.0 /24) need to have access to only 1 IP (192.168.80.11) on VLAN 2 (192.168.80.0 /24)
What ACL need to be defined for VLAN1 and VLAN2
Any help appreciated.
I have created a new VLAN on my 3750 switch and I need following:
VLAN 1 (192.168.90.0 /24) need to have access to only 1 IP (192.168.80.11) on VLAN 2 (192.168.80.0 /24)
What ACL need to be defined for VLAN1 and VLAN2
Any help appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
so which ip addresses are we talking about? For example 192.168.80.11 in your original questionsnt mentioned in your configuration output above.
/Kvistofta
/Kvistofta
ASKER
Hi Kvistoffa,
My mistake, problem is resolved as I was trying to access second VLAN using WiFi SSID which was configured on WLAN controller. After correcting config on controller, i am able to ping the second VLAN.
Thanks for your support.
My mistake, problem is resolved as I was trying to access second VLAN using WiFi SSID which was configured on WLAN controller. After correcting config on controller, i am able to ping the second VLAN.
Thanks for your support.
ASKER
I am still unable to ping the second VLAN IP after doing this config
interface Vlan1
ip address 139.53.61.65 255.255.255.224
!
interface Vlan10
ip address 10.164.200.2 255.255.252.0
ip helper-address 139.53.61.67
!
interface Vlan20
no ip address
!
interface Vlan40
ip address 10.164.204.1 255.255.255.0
ip helper-address 10.164.204.254
!
interface Vlan50
ip address 10.164.207.1 255.255.255.0
!
interface Vlan80
description *Siemens-WIFI-Access*
no ip address
!
interface Vlan90
description *Consultants VLAN*
ip address 192.168.90.1 255.255.254.0
ip access-group Consultant in
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.164.200.1
ip route 10.164.204.253 255.255.255.255 10.164.204.254
ip http server
!
ip access-list extended Consultant
permit ip 192.168.90.0 0.0.0.255 host 139.53.61.67
permit ip 192.168.90.0 0.0.0.255 host 139.53.61.69
deny ip 192.168.90.0 0.0.0.255 139.53.61.64 0.0.0.31
permit ip any any