3com 5500 ACL
Posted on 2012-03-15
Is it possible to create an ACL with a deny ip source and apply it to a VLAN?
For example: I have an IP source of 10.0.10.0 0.0.0.255 I only want that source range to be blocked from the other VLANS. Instead of adding a bunch of rules for the different IP ranges to an ACL, I would create 1 rule that denies any IP address from the 10.0.10.0 range to whatever VLAN I apply the rule to?
For example(not sure if my rule wording is totally correct):
rule 1 deny ip source 10.0.10.0 0.0.0.255 destination any any
then apply that to say vlan 5, vlan 6, and vlan 8? But not to Vlan 3, Vlan 4, and Vlan 7 if they existed for example? That would block access from any IP in the 10.0.10.0 range to everything except VLAN 3, 4, and 7?