ron.bennington

Creating ACL on Layer 3 1600

I have created the following ACL and applied it, but I am not denying traffic that should be denied.

Any ideas would be greatly appreciated.

I have an ASA5550 plugged into port 7/19. I have clients that VPN in and are given an IP address, and I am trying to deny them complete access.

But if I test from home I get the right IP address, 192.168.98.225, and I can get to 99.253 no problem. But I can also get to anything else on that IP range as well.

This is a big flat network, 192.168.96.0/22 (I didn't design it, just have to deal with it).

interface ve 2

ip access-group datacasting in ethe 7/19

ip access-list extended datacasting

permit ip 192.168.98.208 0.0.0.15 host 192.168.99.222 log

permit ip 192.168.98.208 0.0.0.15 host 192.168.99.223 log

permit ip 192.168.98.224 0.0.0.7 host 192.168.99.253 log

deny ip 192.168.98.208 0.0.0.15 any log

deny ip 192.168.98.224 0.0.0.7 any log

permit ip any any log
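To check the rule logic separately from how the ACL is bound, the following added example (not part of the original post) evaluates the posted entries top-down with first-match semantics and wildcard masks. The function names are hypothetical, and the destination 192.168.97.10 used in the checks is a constructed sample address inside the /22.

```python
import ipaddress

# ACL entries copied from the post, in order:
# (action, source, source wildcard, destination, destination wildcard)
ACL = [
    ("permit", "192.168.98.208", "0.0.0.15", "192.168.99.222", "0.0.0.0"),
    ("permit", "192.168.98.208", "0.0.0.15", "192.168.99.223", "0.0.0.0"),
    ("permit", "192.168.98.224", "0.0.0.7", "192.168.99.253", "0.0.0.0"),
    ("deny", "192.168.98.208", "0.0.0.15", "any", None),
    ("deny", "192.168.98.224", "0.0.0.7", "any", None),
    ("permit", "any", None, "any", None),
]


def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """True if addr matches base under a wildcard mask (1 bits are ignored)."""
    if base == "any":
        return True
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)


def evaluate(src, dst, acl=ACL):
    """Return (action, 1-based entry number) of the first matching entry."""
    for number, (action, s, sw, d, dw) in enumerate(acl, start=1):
        if wildcard_match(src, s, sw) and wildcard_match(dst, d, dw):
            return action, number
    return "deny", None  # implicit deny when no entry matches


def same_subnet(a, b, network="192.168.96.0/22"):
    """True if both addresses sit inside the flat /22 named in the post."""
    net = ipaddress.ip_network(network)
    return ipaddress.ip_address(a) in net and ipaddress.ip_address(b) in net


if __name__ == "__main__":
    vpn_client = "192.168.98.225"  # test address from the post
    for dst in ("192.168.99.253", "192.168.97.10"):  # second one is constructed
        print(vpn_client, "->", dst, evaluate(vpn_client, dst),
              "same /22:", same_subnet(vpn_client, dst))
```

If the entries evaluate as intended for the test address, the thing left to verify is where the ACL is bound and whether the traffic in question actually passes through that binding.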
