Question: Cisco 3550 ACL problem

I separated my network into 3 main VLAN subnets named vlan2, vlan109 and vlan111, and need to set an access list policy between them. The policy is:
(1) vlan 111 cannot be visited by other VLANs except vlan2;
(2) vlan 2 cannot be visited by other VLANs, but it can visit other VLANs;
(3) vlan 109 can be visited by any other VLANs.

How can I arrange the ACL table to meet the requirement? Online waiting for any experts' reply, and thanks a lot!

Answer: Cisco 3550 ACL problem

(1) only permit vlan 2 into vlan 111
access-list 102 permit

interface vlan 111
 ip access-group 102 in
!

For (2) that's more difficult. If you want to access other vlans, the responses need to be allowed back.
!
access-list 103 permit tcp any established
!
interface vlan 2
 ip access-group 103 in
!

(3) no action required
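
The three policies can be checked offline before touching the switch. The sketch below is an added example, not part of the original answer: it models first-match ACL evaluation with the implicit deny and the TCP-only `established` match. The subnets are constructed, the rule contents are assumed (the ACL lines above are incomplete on this page), and each list is assumed to filter traffic being routed into the VLAN it guards.

```python
import ipaddress

# Constructed addressing; the page does not give the real subnets.
VLAN = {2: ipaddress.ip_network("10.0.2.0/24"),
        109: ipaddress.ip_network("10.0.109.0/24"),
        111: ipaddress.ip_network("10.0.111.0/24")}
ANY = ipaddress.ip_network("0.0.0.0/0")

# ACL entries: (action, proto, src, dst, established), keyed by guarded VLAN.
# Assumption: each list filters traffic being routed *into* that VLAN.
ACLS = {
    111: [("permit", "ip", VLAN[2], VLAN[111], False)],  # policy (1)
    2:   [("permit", "tcp", ANY, VLAN[2], True)],        # policy (2)
    # VLAN 109 has no ACL: policy (3), reachable from everywhere.
}

def vlan_of(addr):
    """Return the VLAN id whose subnet contains addr, or None."""
    ip = ipaddress.ip_address(addr)
    return next((v for v, net in VLAN.items() if ip in net), None)

def acl_allows(acl, src, dst, proto, flags):
    """First match wins; no match means the implicit deny at the end."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, a_proto, a_src, a_dst, est in acl:
        if a_proto not in ("ip", proto) or s not in a_src or d not in a_dst:
            continue
        # 'established' matches only TCP segments with ACK or RST set;
        # it inspects header bits and keeps no connection state.
        if est and not (proto == "tcp" and flags & {"ACK", "RST"}):
            continue
        return action == "permit"
    return False

def forwarded(src, dst, proto="tcp", flags=frozenset()):
    """Would this inter-VLAN packet be routed to its destination VLAN?"""
    acl = ACLS.get(vlan_of(dst))
    return True if acl is None else acl_allows(acl, src, dst, proto, set(flags))
```

In this model, UDP and ICMP replies heading back to VLAN 2 hit the implicit deny, because the only permit entry is TCP with `established`.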