I have a vlanAA with an interface IP, say 10.1.1.1, which is an uplink to the "outside"
I have more vlans in my logical chassis.
How can I - protect(deny) 10.1.1.1 from/against the outside, or anybody for that mater, except for maybe allowing a MAC/IP - that would be ACLs, right?
I'm fiddling with extended ACL.
1 permit tcp IPa IPb
2 deny tcp any any
3 permit udp IPa IPb
4 deny udp any any
But that does not seem to get me what I hoped.