I am working on this very large network and I just want to double check my work.
I have a camera server on 192.168.19.77 that is vlan 19
I have a camera on 10.254.254.11 that is on vlan 500
I want the server 192.168.19.77 to be able to talk to the camera vlan (10.254.254.0/24) and the camera vlan to talk only to the server.
I have this ACL
ip access-list extended SecCameraIN_ACL
permit ip any host 192.168.19.77
ip access-list extended SecCamerasOUT_ACL
permit ip 192.168.19.0 0.0.0.255 any
There are many other VLANs that are present in the network and I don't want them to have access to the physical camera on the 10.254.254.0/24 network, but I don't want to change any existing ACLs (this isn't my network).
Thanks for the help!
No comments:
Post a Comment