HP 1920 access list issue. I have a case where I have a vlan for guest/public access. The vlan is 4000 172.16.0.0/24. I only want this vlan to get internet access. I also need it to access a dc for dhcp and dns, which is located on vlan 1080 10.1.8.10/24. I create the following access-list and applied it to vlan 4000
- ip access-list extended guest
- 10 permit ip 172.16.0.0 0.0.0.255 10.1.8.10 0.0.0.0
- 50 deny ip 172.16.0.0 0.0.0.255 10.1.0.0 0.0.255.255
- 60 permit ip 172.16.0.0 0.0.0.255 0.0.0.0 255.255.255.255
Devices are not getting a DHCP address from the server, even though there is a helper address on the vlan interface. However if I manually add an ip address o nthe 172.16.0.0/24 network, I can in fact access the dc at 10.1.8.10, the internet but not any other internal address. So it would appear that my access-list is somewhat correct in that it is fuctioning how I want to. However, you remove the static address and it will not get an address from the pool we have already established connection to the DC. Arrgh, please help