cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
vontech615
New Contributor III

Access List help

I have 2 VLANs setup (10.10.10.0/24-VOICE, 10.10.1.0/24-DATA).  I'd like to block users on the data VLAN from accessing the web interface on the phones on the voice VLAN.   I want to permit myself to do so though.  I think I have the access list correct(?) but I'm not sure if I should map both vlans or just the data vlan?

permit tcp host 10.10.1.81  10.10.10.0 0.0.0.255 eq www

deny   tcp any  10.10.10.0 0.0.0.255 eq www

permit ip any  any

hw-access-map Map1

vlans X

forward ip BLOCK_HTTP_VLAN10

Labels (2)
0 Kudos
3 Replies
vontech615
New Contributor III

Re: Access List help

Where'd everybody go?

Anonymous
Not applicable

Re: Access List help

vontech615:

Thank you for asking this question in the support community.

Based on the description, the HACL example you created looks correct.  Here is the Configuring Hardware ACLs in AOS guide for reference.

Please, do not hesitate to reply to this post with any additional questions.  I will be happy to help in any way I can.

Levi

evanh
Contributor III
Contributor III

Re: Access List help

Daniel,

I am marking this assumed answered. However, if you have more to add please do not hesitate to do so.

Thanks,

Evan