ACL Creation

 
oetker1
Occasional Contributor

Hi,

Please could someone help me with creating an ACL.

Overview:

On our core switches (2910al) and edge switches (2530) we have 5 VLANs, but we have one PC that has a static IP address that I only want to have access to 1 of the VLANs and no other.

But not sure how to write an ACL where you only allow IP address 10.10.10.10 to only have access to VLAN 10 and all other PCs still have access to VLANs 10, 20, 30, 40 and 50.

And where to apply the ACL.

Vince-Whirlwind
Honored Contributor

Re: ACL Creation

Something like:

On the core switch:

ip access-list extended "restrict-special-host"
   deny ip host 10.10.10.10 any
   permit ip any any

vlan 10
   ip access-group restrict-special-host in

(I am assuming VLAN 10 has 10.10.10.0/24 on it)
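
The following is an added example, not part of the reply above: a small Python model of the two-entry ACL that shows which flows from VLAN 10 it blocks. It assumes the ACL filters only routed traffic entering on VLAN 10, and the 10.10.20.0/24 and 10.10.30.0/24 subnets are hypothetical stand-ins for the other VLANs.

```python
import ipaddress

# ACEs from the reply, in order: (action, source network, destination network).
ACL = [
    ("deny",   ipaddress.ip_network("10.10.10.10/32"), ipaddress.ip_network("0.0.0.0/0")),
    ("permit", ipaddress.ip_network("0.0.0.0/0"),      ipaddress.ip_network("0.0.0.0/0")),
]
VLAN10 = ipaddress.ip_network("10.10.10.0/24")  # subnet assumed in the reply


def acl_action(src, dst, acl=ACL):
    """First matching ACE wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"


def verdict(src, dst):
    """Fate of a packet sent by a host in VLAN 10.

    Assumption: the ACL sees only routed traffic entering on VLAN 10, so
    packets that stay inside 10.10.10.0/24 are switched and never evaluated.
    Traffic addressed to the switch's own IP is not modelled here.
    """
    if ipaddress.ip_address(dst) in VLAN10:
        return "switched (ACL not consulted)"
    return acl_action(src, dst)


if __name__ == "__main__":
    # Constructed sample flows; the destination subnets are hypothetical.
    flows = [
        ("10.10.10.10", "10.10.10.25"),  # restricted PC, same VLAN
        ("10.10.10.10", "10.10.20.5"),   # restricted PC, other VLAN
        ("10.10.10.11", "10.10.20.5"),   # ordinary PC, other VLAN
        ("10.10.10.11", "10.10.30.7"),   # ordinary PC, other VLAN
    ]
    for src, dst in flows:
        print(f"{src:>12} -> {dst:<12} {verdict(src, dst)}")
    # Entry order matters: with the permit first, the deny is never reached.
    print("reversed ACL:", acl_action("10.10.10.10", "10.10.20.5", ACL[::-1]))
```
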