Hi Andrija
Following on from that, if you are using an isolated guest network and static IP for NAT to a VM private IP, is there any way in the IP address firewall configuration to deny certain traffic as well as permit traffic?

Jon

________________________________
From: Andrija Panic <andrija.pa...@gmail.com>
Sent: 18 July 2018 16:17
To: users
Subject: Re: VPC ACLs SRC and DST

Hi Adam,

unless something has changed in the most recent version (doubt that) - no, you can only define one CIDR in each ACL rule, which, if creating an egress/outbound rule, is considered as the destination IP/CIDR to which you allow/deny access from your VPC network, or if using an ingress (inbound) rule, then this CIDR represents the SOURCE from which access is allowed/denied to your VPC network (whole VPC network in both cases - i.e. it's not granular on single IP/VM level - for this you need to use a local firewall if really needed).

Hope that answers your question.

Andrija

On Wed, 18 Jul 2018 at 17:07, Adam Witwicki <awitwi...@oakfordis.com> wrote:

> Hello
>
> Is there a way we can add the DST IP to the ACL lists in a VPC as well as
> the SRC IP (outbound)?
>
> Thanks
>
> Adam

--
Andrija Panić