Here's the deal... I have a 5500 with RSM with a few VLANs on it,
each VLAN with an IP and the RSM is handling the routing for all VLANs.
I've got one VLAN in particular (511) that I'm experimenting with I
made the following access list:
Router#(config)access-list 10 deny any log
(
If 10.51.1.1 is the only IP active on that subnet, then the traffic is
not being sourced from that network, thus rendering the ACL irrelevant.
If, however, your host was connected to one of the ports on vlan 511,
you would not be able to communicate with the RSM past the ACL.
So, in other words,
Jay,
Thanks for your input. But shouldn't ACL keep anything from other VLANs
from even pinging the gateway IP of VLAN511?
Mike W.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43152&t=43128
--
FAQ, list archives, and subscript
No, that's not the case. If you think of it visually,
INTERNET->ROUTER->INTERFACE->ACL->LAN
Then you will see that the internet can still access the interface, and
it's address. Because really, you are pinging the router, not the
interface or the LAN.
On Thu, 2002-05-02 at 14:22, Michael Will
4 matches
Mail list logo
