10-73
Access Control Lists (ACLs)
Configuring Extended ACLs
Example of a Named, Extended ACL. Suppose that you want to imple-
ment these policies on a switch configured for IP routing and membership in
VLANs 10, 20, and 30:
A. Permit Telnet traffic from 10.10.10.44 to 10.10.20.78, deny all other IP
traffic from network 10.10.10.0 (VLAN 10) to 10.10.20.0 (VLAN 20), and
permit all other IP traffic from any source to any destination. (See “A” in
figure 10-18, below.)
B. Permit FTP traffic from IP address 10.10.20.100 (on VLAN 20) to
10.10.30.55 (on VLAN 30). Deny FTP traffic from other hosts on
network10.10.20.0 to any destination, but permit all other IP traffic.
Figure 10-18. Example of an Extended ACL
VLAN 10
10.10.10.1
VLAN 20
10.10.20.1
VLAN 30
10.10.30.1
1
3
2
Switch
10.10.10.0
10.10.20.0
10.10.30.0
A
B
10.10.10.44
10.10.20.100
10.10.20.100
10.10.30.55
Comments to this Manuals