Hello all. I'm rather a novice to Cisco ACLs, so forgive me if I word this question poorly.
Anyhow, I am using a Cisco 871 with Advanced IP Services as my home router and have set up two VLANs. Vlan1 is used for 2 desktop computers and Vlan2 is used to host the myriad wireless devices throughout. I want to create an ACL that permits ALL traffic (including return traffic) to transit between Vlan1 and Vlan2 if that traffic originates in Vlan1. I want NO traffic (except for return traffic) to transit between Vlan2 and Vlan1. Is there an easy way to accomplish this?
My Vlan1 and Vlan2 definitions and current (rather simple) ACL are as follows:
interface Vlan1
 description internal LAN
 ip address 192.168.200.1 255.255.255.0
 ip access-group LANIn in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip flow ingress
 ip multicast boundary 30
 ip nat inside
 ip virtual-reassembly
!
interface Vlan2
 description internal LAN
 ip address 192.168.100.1 255.255.255.0
 ip access-group LANIn in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip flow ingress
 ip multicast boundary 30
 ip nat inside
 ip virtual-reassembly

ip access-list extended LANIn
 deny ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255
 permit ip 192.168.100.0 0.0.0.255 any
 permit ip 192.168.200.0 0.0.0.255 any
 deny ip any any log-input
Thank you for your assistance!
Vincent