Thursday, May 9, 2019

Camera VLAN ACL

I am working on this very large network and I just want to double check my work.

I have a camera server on 192.168.19.77 that is vlan 19

I have a camera on 10.254.254.11 that is on vlan 500

I want the server 192.168.19.77 to be able to talk to the camera vlan (10.254.254.0/24) and the camera vlan to talk only to the server.

I have this ACL

ip access-list extended SecCameraIN_ACL

permit ip any host 192.168.19.77

ip access-list extended SecCamerasOUT_ACL

permit ip 192.168.19.0 0.0.0.255 any

There are many other VLANs that are present in the network and I don't want them to have access to the physical camera on the 10.254.254.0/24 network, but I don't want to change any existing ACLs (this isn't my network).

Thanks for the help!



No comments:

Post a Comment