We help IT Professionals succeed at work.
Get Started

Vlan access list

688 Views
Last Modified: 2012-05-12
Can someone tell me why this access-list is not working. I want to segregate the traffic on VLAN 325 (10.123.74.252) from other Vlans. The switch is a Cisco 4948


Interface Vlan 325
description guest internet
ip address 10.123.74.252 255.255.255.128
ip access-group GUEST_ACCESS in
ip helper-address 10.123.74.254
standby 25 ip 10.123.74.250
standby 25 priority 90
standby 25 preempt
standby 25 name HSRP-Untrusted-wireless
 
ip access-list extended GUEST-ACCESS
remark Internet Access Only
permit udp any any eq bootpc
permit udp any any eq bootps
deny   ip any 10.0.0.0 0.255.255.255
deny   ip any 172.16.0.0 0.15.255.255
deny   ip any 192.168.0.0 0.0.255.255
deny   ip any 224.0.0.0 31.255.255.255
deny   ip any 169.254.0.0 0.0.255.255
deny   ip any 127.0.0.0 0.255.255.255
deny   ip any 192.0.2.0 0.0.0.255
deny   ip any host 0.0.0.0
permit ip 10.123.74.128 0.0.0.127 any    
 
Comment
Watch Question
Expert/Consultant
Commented:
This problem has been solved!
Unlock 2 Answers and 7 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE