Why won't my Cisco ACL work?
The below is a snippet of my Cisco 3560 config. I am setting up an ACL for VLAN 600. It is set up to deny all unless there is a permit rule.
The blue text is a rule for DHCP and works a treat (woo hoo)
The red text is to allow port 80 (web) on the same server, but this rule doesn't work :( - If I remove the ACL from the VLAN I can get to it fine.
The host for DHCP and web services is 172.20.1.1
What have I done wrong please?
description BYOD VLAN
ip address 10.12.12.254 255.255.255.0
ip access-group BYOD out
ip helper-address 172.20.1.1
ip access-list extended BYOD
permit udp 10.12.12.0 0.0.0.255 eq bootpc host 172.20.1.1 eq bootps
permit tcp 10.12.12.0 0.0.0.255 host 172.20.1.1 eq www
deny ip any any