VLAN Access Control

From: Abou-3alaa Abou-3alaa (aldoctors@hotmail.com)
Date: Thu Jan 10 2008 - 07:47:49 ARST


I am a little confused about this config:

VLAN Access Control

Configure an ACL with name ACL-V to obtain the following requirements:
- Deny Web Traffic from 172.16.10.0/24 to Subnet 192.168.106.0
- Permit Web Traffic from 172.16.0.0/8 to Subnet 192.168.106.0
- Permit Any Other ip traffic from your Rack to Subnet 192.168.106.0

Do not Use deny Statements, use only PERMIT statements.
(192.168.106.0 is VLAN_200)

ip access-list extended ACL-V
 permit tcp 172.16.10.0 0.0.0.255 192.168.106.0 0.0.0.255 eq www
ip access-list extended ACL-VV
 permit tcp 172.16.0.0 0.255.255.255 192.168.106.0 0.0.0.255 eq www
 permit ip any 192.168.106.0 0.0.0.255
vlan access-map ccie 10
 match ip address ACL-V
 action drop
vlan access-map ccie 20
 match ip address ACL-VV
 action forward
vlan filter ccie vlan-list 200

This config works and met the requirements.
What does Narbik suggest?
Rgds
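
An added example, not part of the original post and not Cisco code: a small Python model of the posted access-map, showing how a `permit` inside the ACL only selects traffic while the map's `action` decides its fate, and what happens to packets that match no sequence. All function and variable names are assumptions, and the sample packets are constructed.

```python
from ipaddress import IPv4Address

# Transcription of the post's config (an assumed model, not IOS itself).
ANY = ("0.0.0.0", "255.255.255.255")
VLAN200 = ("192.168.106.0", "0.0.0.255")
ACLS = {  # entries: (protocol, (src, wildcard), (dst, wildcard), dest port)
    "ACL-V": [("tcp", ("172.16.10.0", "0.0.0.255"), VLAN200, 80)],
    "ACL-VV": [("tcp", ("172.16.0.0", "0.255.255.255"), VLAN200, 80),
               ("ip", ANY, VLAN200, None)],
}
ACCESS_MAP = [(10, "ACL-V", "drop"), (20, "ACL-VV", "forward")]


def wc_match(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard are ignored."""
    care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(IPv4Address(addr)) & care) == (int(IPv4Address(base)) & care)


def acl_permits(name, pkt):
    """True if any permit entry of the named ACL matches the packet."""
    for proto, src, dst, dport in ACLS[name]:
        if proto != "ip" and proto != pkt["proto"]:
            continue
        if dport is not None and dport != pkt.get("dport"):
            continue
        if wc_match(pkt["src"], *src) and wc_match(pkt["dst"], *dst):
            return True
    return False


def vacl_action(pkt):
    """Walk the access-map in sequence order; the first matching ACL decides."""
    for _seq, acl, action in sorted(ACCESS_MAP):
        if acl_permits(acl, pkt):
            return action
    return "drop"  # implicit drop for IP packets that match no sequence


if __name__ == "__main__":
    samples = [  # constructed packets
        {"proto": "tcp", "src": "172.16.10.5", "dst": "192.168.106.10", "dport": 80},
        {"proto": "tcp", "src": "172.16.20.5", "dst": "192.168.106.10", "dport": 80},
        {"proto": "icmp", "src": "172.16.10.5", "dst": "192.168.106.10"},
        {"proto": "tcp", "src": "192.168.106.10", "dst": "172.16.20.5", "dport": 51000},
    ]
    for p in samples:
        print(p["proto"], p["src"], "->", p["dst"], vacl_action(p))
```

In this model the last sample, a packet sourced from 192.168.106.0/24 and destined elsewhere, matches neither ACL and falls to the implicit drop, because a VLAN filter is applied to all IP packets in the VLAN regardless of direction.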


