Beginning Nov 15, 2021, the Networking Forum discussion boards moved to the Aruba Airheads community

Click here to learn more

HPE Community

Switches, Hubs, and Modems

1753808 Members

8021 Online

108805 Solutions

New Discussion

isolate an IGMP vlan

I have in a network one vlan igmp enabled, the streaming server and the clients are all connected to that vlan.

Nevertheless the core switch has an IP address (VRRP) in order to act as an IGMP querier.

Now I want to prevent that clients inside this subnet can reach the rest of my other network except one SIP server

Therefore I cam up with following access-list

ip access-list extended "IPTV"
 
   10 permit ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.0
   20 permit igmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
   30 permit udp 0.0.0.0 255.255.255.255 239.192.50.50 0.0.0.0 eq 2209
   50 remark "VoIP_SIP to PBX"
   50 permit udp 172.27.0.0 0.0.8.255 10.1.4.1 0.0.0.0 eq 5060
   60 remark "VoIP_rtp to PBX"
   60 permit udp 172.27.0.0 0.0.8.255 10.1.4.1 0.0.0.0 gt 24000
   70 permit ip 172.27.0.0 0.0.8.255 172.25.0.0 0.0.8.255
   100 permit ip 0.0.0.0 255.255.255.255 224.0.0.0 15.255.255.255
   exit

As soon as I apply this ACL to the VLAN interface my streaming stops at the clients

vlan  600 
     ip access-group "iptv" vlan 
     exit

something is wrong on my ACL but I do not see it...

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

isolate an IGMP vlan

isolate an IGMP vlan