ACL one way
‎04-14-2016 07:53 AM
Hello,
I need to create an access list based on source and destination subnet IPs, applied on a VLAN interface. The ACL works fine when we need to block all traffic, but when we try to block the traffic in one direction only, like a reflexive ACL in Cisco, it doesn't work. Here is my ACL:
entry DenyInterVlanRouting {
    if match all {
        source-address 10.10.1.110/32;
        destination-address 10.10.128.245/32;
    }
    then {
        deny;
    }
}
I want to block only from 10.10.1.110 to 10.10.128.245 and allow in the return path.
‎04-14-2016 08:32 AM
Hi,
If you want to allow the return traffic, then you need to have another rule like the one below in the same policy file:
entry Permit_return {
    if match all {
        source-address 10.10.128.245/32;
        destination-address 10.10.1.110/32;
    }
    then {
        permit;
    }
}
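To see what the two entries above do to real sessions, here is an added example that is not part of the thread and not any switch vendor's code: a small Python matcher that parses the two posted entries in the syntax used in this thread, evaluates a constructed TCP packet trace first-match-wins the way a stateless ACL does, and compares the result with a session-tracking filter that behaves like the Cisco reflexive ACL the question mentions. The packet trace, the port numbers and the `ReflexiveFilter` class are constructed for the illustration, and the default action when no entry matches is assumed to be permit.

```python
"""Stateless vs. reflexive evaluation of the two ACL entries from the thread.
Added illustration only (not from the thread or any switch vendor); only
source-address, destination-address, permit and deny are understood."""
import ipaddress
import re

# The two entries posted above, copied into one policy text.
POLICY = """
entry DenyInterVlanRouting {
    if match all {
        source-address 10.10.1.110/32;
        destination-address 10.10.128.245/32;
    }
    then {
        deny;
    }
}
entry Permit_return {
    if match all {
        source-address 10.10.128.245/32;
        destination-address 10.10.1.110/32;
    }
    then {
        permit;
    }
}
"""

ENTRY_RE = re.compile(
    r"entry\s+(\S+)\s*\{\s*if\s+match\s+all\s*\{(.*?)\}\s*then\s*\{(.*?)\}\s*\}", re.S)
COND_RE = re.compile(r"(source-address|destination-address)\s+(\S+)\s*;")
ANY = ipaddress.ip_network("0.0.0.0/0")


def parse_policy(text):
    """Return [(entry_name, {condition: network}, action)] in file order."""
    entries = []
    for name, conds, actions in ENTRY_RE.findall(text):
        match = {field: ipaddress.ip_network(value, strict=False)
                 for field, value in COND_RE.findall(conds)}
        action = "deny" if re.search(r"\bdeny\b", actions) else "permit"
        entries.append((name, match, action))
    return entries


def stateless_decision(entries, src, dst):
    """First matching entry wins. No match -> permit: this example assumes the
    policy has no implicit deny at the end (check the platform's default)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, match, action in entries:
        if s in match.get("source-address", ANY) and d in match.get("destination-address", ANY):
            return action, name
    return "permit", None


class ReflexiveFilter:
    """Software model of a Cisco-style reflexive ACL (constructed for this example).
    A SYN from the permitted side opens a session; a packet in the blocked
    direction passes only if it reverses an open session. Session expiry and
    FIN/RST teardown are left out."""
    def __init__(self, blocked_src, blocked_dst):
        self.blocked = (ipaddress.ip_address(blocked_src), ipaddress.ip_address(blocked_dst))
        self.sessions = set()  # (src, sport, dst, dport) as sent by the initiator

    def decide(self, pkt):
        s, d = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
        if (s, d) == self.blocked:
            reverse = (d, pkt["dport"], s, pkt["sport"])
            return "permit" if reverse in self.sessions else "deny"
        if pkt["flags"] == "SYN":
            self.sessions.add((s, pkt["sport"], d, pkt["dport"]))
        return "permit"


# Constructed sample trace (not captured from the poster's network).
PACKETS = [
    # session 1: 10.10.1.110 tries to open TCP/22 on 10.10.128.245
    dict(src="10.10.1.110", sport=50000, dst="10.10.128.245", dport=22, flags="SYN"),
    # session 2: 10.10.128.245 opens TCP/445 on 10.10.1.110 and waits for the reply
    dict(src="10.10.128.245", sport=51000, dst="10.10.1.110", dport=445, flags="SYN"),
    dict(src="10.10.1.110", sport=445, dst="10.10.128.245", dport=51000, flags="SYN-ACK"),
    dict(src="10.10.128.245", sport=51000, dst="10.10.1.110", dport=445, flags="ACK"),
    # unrelated host: matches neither entry
    dict(src="10.10.1.50", sport=40000, dst="10.10.128.245", dport=80, flags="SYN"),
]


def run_stateless(policy=POLICY, packets=PACKETS):
    """Verdict per packet under the two posted entries, evaluated statelessly."""
    entries = parse_policy(policy)
    return [stateless_decision(entries, p["src"], p["dst"])[0] for p in packets]


def run_reflexive(packets=PACKETS):
    """Verdict per packet when the same one-way block is enforced reflexively."""
    flt = ReflexiveFilter("10.10.1.110", "10.10.128.245")
    return [flt.decide(p) for p in packets]
```

On the constructed trace, `run_stateless()` returns deny, permit, deny, permit, permit: the SYN-ACK that 10.10.1.110 sends back inside the session 10.10.128.245 opened is dropped by DenyInterVlanRouting, because a stateless entry only sees the addresses, not which side started the session. `run_reflexive()` returns deny, permit, permit, permit, permit for the same trace. Note that Permit_return does not change the stateless result here, since packets from 10.10.128.245 to 10.10.1.110 never matched the deny entry in the first place; it only matters on a platform whose policy ends in an implicit deny. Without session state, the closest stateless approximation of "block one way, allow replies" is matching on TCP flags so that only connection-opening segments from 10.10.1.110 are denied; whether that match condition is available depends on the platform.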
