We have an N4032F and I want to create an access list, but I'm having a bit of trouble with the config.
So basically the architecture is described as follows:
N4032F (10.16.4.6)
VLAN 10 (192.168.1.0/24)
VLAN 20 (192.168.2.0/24)
VLAN 70 (192.168.7.0/24)
VLAN 80 (192.168.8.0/24)
I want to restrict VLAN 70 from communicating at all with the rest of the VLANs but still allow traffic from the outside network (10.0.0.0/8).
Here is the section of the config that I tried... it works in that it doesn't allow traffic, but it doesn't allow traffic from anyone or allow traffic to anyone.
interface vlan 70 6
ip address 192.168.7.1 255.255.255.0
ip access-group VLAN70-in in 1
ip access-group VLAN70-out out 1
exit
ip access-list VLAN70-out
deny ip 192.168.7.0 0.0.0.255 192.168.2.0 0.0.0.255
deny ip 192.168.7.0 0.0.0.255 192.168.1.0 0.0.0.255
deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255
exit
ip access-list VLAN70-in
permit every
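Added example, not part of the original post: a small Python model that evaluates the posted entries in order against constructed sample packets. It assumes first-match evaluation with an implicit deny at the end of each list (the post does not state this); `VLAN70_OUT_VARIANT` is a hypothetical list not tested on the switch, and the sample addresses are constructed.

```python
import ipaddress

# ACL entries as posted in the question.
VLAN70_OUT = """
deny ip 192.168.7.0 0.0.0.255 192.168.2.0 0.0.0.255
deny ip 192.168.7.0 0.0.0.255 192.168.1.0 0.0.0.255
deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255
"""
VLAN70_IN = "permit every"
# Hypothetical variant (not from the post): the only permit covers 10.0.0.0/8 -> VLAN 70.
VLAN70_OUT_VARIANT = "permit ip 10.0.0.0 0.255.255.255 192.168.7.0 0.0.0.255"

def parse_acl(text):
    """Turn 'ACTION ip SRC WILD DST WILD' / 'ACTION every' lines into rule tuples."""
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        if tok[1] == "every":
            rules.append((tok[0], None, None))  # matches any packet
        else:
            rules.append((tok[0], (tok[2], tok[3]), (tok[4], tok[5])))
    return rules

def wildcard_match(addr, spec):
    """Wildcard mask: 0 bits must match the base address, 1 bits are ignored."""
    if spec is None:
        return True
    base, wild = (int(ipaddress.IPv4Address(x)) for x in spec)
    care = ~wild & 0xFFFFFFFF
    return int(ipaddress.IPv4Address(addr)) & care == base & care

def evaluate(acl_text, src, dst):
    """Return the action of the first matching entry, else the assumed implicit deny."""
    for action, s, d in parse_acl(acl_text):
        if wildcard_match(src, s) and wildcard_match(dst, d):
            return action
    return "implicit deny"

if __name__ == "__main__":
    # Constructed sample packets: (source, destination).
    packets = [("10.1.1.1", "192.168.7.10"), ("192.168.7.10", "10.1.1.1"),
               ("192.168.2.5", "192.168.7.10"), ("192.168.7.10", "192.168.2.5")]
    for name, acl in [("VLAN70-out", VLAN70_OUT), ("VLAN70-in", VLAN70_IN),
                      ("variant", VLAN70_OUT_VARIANT)]:
        for src, dst in packets:
            print(f"{name:11} {src:>13} -> {dst:<13} {evaluate(acl, src, dst)}")
```

Under these assumptions a list that contains only `deny` entries never returns `permit` for any packet, which is consistent with the behaviour described in the post.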