I have a Cisco network with a 6880 core and have a VLAN that I am trying to stop the rest of my network from communicating with. I need the devices within the VLAN to communicate with each other and out to the internet. Can someone look at this ACL configuration and let me know if it looks correct? Am I missing something?
ip access-list extended VLAN8
 permit tcp any any established
 permit icmp any any
 remark DNS Server
 permit ip any host x.x.x.x
 remark management vlan
 permit ip any host x.x.x.x
 deny ip any 10.0.0.0 0.0.255.255
 permit ip any any
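
One way to check an ACL like this before applying it is to walk constructed packets through its first-match logic. The sketch below is an added example, not part of the original post. It assumes the ACL is applied inbound on the VLAN 8 interface, and it substitutes constructed addresses for the redacted x.x.x.x entries and for the sample hosts.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def wild(addr, mask):
    """Cisco wildcard match: bits set in the mask are 'don't care'."""
    care = ~ip(mask) & 0xFFFFFFFF
    return lambda a: (ip(a) & care) == (ip(addr) & care)

ANY = lambda a: True
# Constructed stand-ins for the redacted x.x.x.x entries in the post.
DNS_SERVER = "10.0.1.53"
MGMT_HOST = "10.0.99.10"

# (action, protocol, source, destination, needs_established), in ACL order.
VLAN8 = [
    ("permit", "tcp",  ANY, ANY, True),
    ("permit", "icmp", ANY, ANY, False),
    ("permit", "ip",   ANY, wild(DNS_SERVER, "0.0.0.0"), False),
    ("permit", "ip",   ANY, wild(MGMT_HOST, "0.0.0.0"), False),
    ("deny",   "ip",   ANY, wild("10.0.0.0", "0.0.255.255"), False),
    ("permit", "ip",   ANY, ANY, False),
]

def evaluate(acl, proto, src, dst, tcp_flags=()):
    """Return (action, 1-based entry number) of the first matching entry."""
    for n, (action, p, s, d, est) in enumerate(acl, 1):
        if p != "ip" and p != proto:
            continue
        # 'established' matches TCP segments with ACK or RST set.
        if est and not ({"ack", "rst"} & set(tcp_flags)):
            continue
        if s(src) and d(dst):
            return action, n
    return "deny", 0  # implicit deny at the end of every ACL

def demo():
    src = "10.0.8.20"  # constructed host inside VLAN 8
    cases = [
        ("tcp",  "10.0.20.5", ("syn",)),     # new session to an internal host
        ("tcp",  "10.0.20.5", ("ack",)),     # reply segment to an internal host
        ("icmp", "10.0.20.5", ()),           # ping to an internal host
        ("udp",  "10.1.20.5", ()),           # 10.1.x.x is outside 10.0.0.0 0.0.255.255
        ("tcp",  "198.51.100.7", ("syn",)),  # internet destination
    ]
    return [evaluate(VLAN8, p, src, d, f) for p, d, f in cases]

print(demo())
```

Under these assumptions only the new TCP session to 10.0.20.5 reaches the deny entry: the ICMP and `established` entries match ahead of it, and the wildcard 0.0.255.255 covers only 10.0.0.0 through 10.0.255.255.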