Cisco ACL Help

jbayne3 Member Posts: 45
Hey Cisco Pros!

I recently inherited a Cisco router, so I have a question about ACLs. I would like to restrict hosts from accessing different subnets. The router uses subinterfaces and 802.1q VLANs.

Here is a scenario:

Host A (10.20.20.45) is permitted to access 10.30.30.0/24.
Host B (10.10.10.33) is not permitted to access 10.30.30.0/24.

How would I construct an ACL to make this happen?


Any help is appreciated. Thank you in advance!

Comments

  • tha_dub Member Posts: 262
    Okay, I'm actually just reading that chapter in the Cisco Press ICND2 book now, so I'll take a crack at it, and someone please correct me if I'm wrong!

    access-list 101 deny ip 10.10.10.33 0.0.0.0 10.30.30.0 0.0.0.255
    access-list 101 permit ip any any

    Then apply it to the outgoing interface...
    interface fast 0
    ip access-group 101 out

    Does that sound right?
  • notgoing2fail Member Posts: 1,138
    You only need one line since there's an implicit deny.


    Host A (10.20.20.45) is permitted to access 10.30.30.0/24.


    access-list 101 permit ip host 10.20.20.45 10.30.30.0 0.0.0.255


    You can probably figure out the correct direction based on your setup....
  • jbayne3 Member Posts: 45
    Thank you all for the help! Got it!
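
Added example (not part of any post in this thread): a small Python model of how IOS evaluates an extended ACL, with top-down first match, wildcard masks and the implicit deny at the end, run against the two access lists posted above. The function names and the test packets are constructed for illustration, and only the `ip` entry form used in this thread is parsed.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """IOS wildcard mask: 0 bits must match, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def parse_addr(tok):
    """Consume one address spec: 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD'."""
    if tok[0] == "any":
        return ("0.0.0.0", "255.255.255.255"), tok[1:]
    if tok[0] == "host":
        return (tok[1], "0.0.0.0"), tok[2:]
    return (tok[0], tok[1]), tok[2:]

def parse_ace(line):
    """Parse 'access-list N permit|deny ip SRC DST'."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[3] != "ip":
        raise ValueError(f"unsupported entry: {line!r}")
    if tok[2] not in ("permit", "deny"):
        raise ValueError(f"unknown action in: {line!r}")
    src, rest = parse_addr(tok[4:])
    dst, rest = parse_addr(rest)
    return tok[2], src, dst

def evaluate(acl_lines, src_ip, dst_ip):
    """First matching entry decides; no match falls through to the implicit deny."""
    for line in acl_lines:
        action, src, dst = parse_ace(line)
        if wildcard_match(src_ip, *src) and wildcard_match(dst_ip, *dst):
            return action
    return "implicit deny"

# The two access lists as posted in the comments above.
ACL_DENY_B = ["access-list 101 deny ip 10.10.10.33 0.0.0.0 10.30.30.0 0.0.0.255",
              "access-list 101 permit ip any any"]
ACL_PERMIT_A = ["access-list 101 permit ip host 10.20.20.45 10.30.30.0 0.0.0.255"]

# Constructed test packets: (source, destination).
PACKETS = [("10.20.20.45", "10.30.30.7"),   # Host A to the restricted subnet
           ("10.10.10.33", "10.30.30.7"),   # Host B to the restricted subnet
           ("10.10.10.33", "10.20.20.45")]  # Host B to some other subnet

if __name__ == "__main__":
    for name, acl in (("deny-B list", ACL_DENY_B), ("permit-A list", ACL_PERMIT_A)):
        for src, dst in PACKETS:
            print(f"{name}: {src} -> {dst}: {evaluate(acl, src, dst)}")
```

Both lists give the result asked for in the scenario, but they differ for every other flow crossing the interface where the list is applied: the two-line list permits it, while the one-line list drops it at the implicit deny.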