要求是vlan2能访问vlan3,vlan4不能访问vlan2和vlan3
我现在是如下做法:
vlan access-map acl 10
match ip address 101
action forward
vlan access-map acl1 20
match ip address 102
action forward
!
vlan filter acl vlan-list 2
vlan filter acl1 vlan-list 3
access-list 101 permit ip 172.16.20.0 0.0.0.255 172.16.23.0 0.0.0.255
access-list 101 permit ip 172.16.23.0 0.0.0.255 172.16.20.0 0.0.0.255
access-list 102 permit ip 172.16.23.0 0.0.0.255 172.16.20.0 0.0.0.255
access-list 102 permit ip 172.16.20.0 0.0.0.255 172.16.23.0 0.0.0.255
现在是vlan3不能访问vlan2,vlan2不能访问vlan3
哪位高手给解答下