I have about 20 vlans on my network. I dont want anyone to reach vlan 10 from anywhere, but vlan 10 can reach anywhere.
Can someone please send me an example ACL that can do this?
ip access-list extended 120
deny ip source 100.100.0.0 255.255.240.0
deny ip source 100.100.18.0 255.255.224.0
permit any any
interface vlan 10
ip-access-group 120 in
Does this work? Where the vlan 10 is 100.100.16.0/23.