Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

ACL requirements

Andy Scherzinger
Occasional Contributor

ACL requirements

So i've always had a week spot with ACL's and could use some help. I'm trying to block all traffic on "vlan 13" or the 20.100.13.0 network. the only place it needs to get to is the DHCP server, at 20.100.11.20.

ip access-list extended "Guest-ACL"
10 permit tcp 20.100.13.0 0.0.0.255 20.100.11.20 0.0.0.0 eq 67
20 permit tcp 20.100.13.0 0.0.0.255 20.100.11.20 0.0.0.0 eq 68
30 permit tcp 20.100.13.0 0.0.0.255 20.100.11.10 0.0.0.0 eq 53
40 permit IP 20.100.13.0 0.0.0.255 20.100.15.0 0.0.0.255
50 deny IP 20.100.13.0 0.0.0.255 20.100.10.0 0.0.0.255
90 deny IP 20.100.13.0 0.0.0.255 20.10.0.0 0.0.255.255
100 deny IP 20.100.13.0 0.0.0.255 192.168.0.0 0.0.255.255
110 permit IP 20.100.13.0 0.0.0.255 0.0.0.0 255.255.255.255
exit
vlan 13 ip access-group Guest-ACL in


can someone tell me why after i put this into the router they can't get to the internet? (i have a 0.0.0.0 route to the internet that is working for all other traffic not in this VLAN).