interface Vlan2
ip address 192.168.70.1 255.255.255.0
ip access-group protect_corp_in in
ip access-group protect_corp_out out
ip access-list extended protect_corp_in
evaluate corptraffic
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.16.0.0 0.0.255.255
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
What is even stranger is that when I do a ping on the router to 8.8.8.8 with 192.168.70.1 as a source address it works.Routers are for the most part immune to their own ACLs when it comes to outbound traffic.