how to allow a special ip to be allowed, that ip is in the blocked ip range

Post Reply
cuong955
Member
Posts: 6
Joined: 05 Dec 2013 09:36

how to allow a special ip to be allowed, that ip is in the blocked ip range

Post by cuong955 »

Hi everyone
Please help me this case
i have 2 vlan
vlan 10 : 10.0.10.0/24
vlan 20 : 10.0.20.0/24

Code: Select all

policy network group "vlan10"  10.10.0.10.0 mask 255.255.255.0
policy network group "vlan20"  10.10.0.20.0 mask 255.255.255.0

policy action accept
policy action deny disposition deny

policy condition "vlan10-to-vlan20" source vlan 10 destination network group vlan20
policy rule "vlan10-to-vlan20" condition "vlan10-to-vlan20" action deny
qos apply
it work and now i want to allow a ip in vlan 10 (10.0.10.2) and range (10.0.10.11-20) can access to vlan 20
please help me config it

thanks so much
Top
silvio
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 1886
Joined: 01 Jul 2008 10:51
Location: Germany

Re: how to allow a special ip to be allowed, that ip is in the blocked ip range

Post by silvio »

create a new network group with this IP's and a condition for this.
Than a rule for this condition with action accept. But the most important thing is, tha this rule need a higher precedence (greater than default 1).
Top
Post Reply

Return to “OmniSwitch 6450”