
ACL one way

Kamal_FIKRI
New Contributor
Hello,
I need to create an access list based on source and destination IP subnets and apply it on a VLAN interface. The ACL works fine when we need to block all traffic, but when we try to block the traffic in one direction only, like a reflexive ACL in Cisco, it doesn't work. Here is my ACL:
entry DenyInterVlanRouting {
    if match all {
        source-address 10.10.1.110/32;
        destination-address 10.10.128.245/32;
    }
    then {
        deny;
    }
}
I want to block traffic only from 10.10.1.110 to 10.10.128.245 and allow it on the return path.
10 REPLIES

Senguttuvan__Ar
Extreme Employee
Hi,

If you want to allow the return traffic, then you need to have another rule like the one below in the same policy file:

entry Permit_return {
    if match all {
        source-address 10.10.128.245/32;
        destination-address 10.10.1.110/32;
    }
    then {
        permit;
    }
}
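
Added example (not part of the thread and not Extreme's code): a small Python model of address-only, per-packet matching using the two entries above. It assumes first-match order and a default permit when no entry matches, and shows how each packet of a TCP handshake is judged in both directions.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    name: str
    src: str
    dst: str
    action: str


# The two entries from the thread, in policy-file order.
POLICY = [
    Entry("DenyInterVlanRouting", "10.10.1.110/32", "10.10.128.245/32", "deny"),
    Entry("Permit_return", "10.10.128.245/32", "10.10.1.110/32", "permit"),
]


def evaluate(src, dst, policy=POLICY, default="permit"):
    """Return (action, entry name) for one packet.

    Stateless: only the addresses are inspected, never connection state.
    Assumption: first matching entry wins, unmatched packets get `default`.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for e in policy:
        if s in ipaddress.ip_network(e.src) and d in ipaddress.ip_network(e.dst):
            return e.action, e.name
    return default, None


def tcp_handshake(client, server):
    """Verdicts for the SYN, SYN-ACK and ACK of a connection opened by client."""
    packets = [("SYN", client, server), ("SYN-ACK", server, client), ("ACK", client, server)]
    return [(flag, evaluate(src, dst)[0]) for flag, src, dst in packets]


def session_works(client, server):
    """A TCP session needs every handshake packet to be permitted."""
    return all(verdict == "permit" for _, verdict in tcp_handshake(client, server))


if __name__ == "__main__":
    A, B = "10.10.1.110", "10.10.128.245"
    for client, server in ((A, B), (B, A)):
        print(f"{client} -> {server}: {tcp_handshake(client, server)} "
              f"works={session_works(client, server)}")
```

In this model a connection opened by 10.10.128.245 still fails, because the SYN-ACK sent back by 10.10.1.110 matches DenyInterVlanRouting. One-way behaviour needs a match on connection state or TCP flags, not on addresses alone.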