ACL rules with SSR tenant or service
lab setup | |
---|---|
block the source | ping 10.100.12.3 routing-instance vr-11 source 10.100.11.2 |
block the destionation | ping 10.100.12.3 routing-instance vr-11 source 10.100.11.3 |
ACL based on destination | create a new service |
ping 10.100.12.3 routing-instance vr-11 source 10.100.11.2 | |
"clone the current service " Change the dest to a single /32 | |
change to deny | |
ACL based on destination | create a new child-service |
name=Â drop.xxxxxxxxxxxx | |
select only one /32Â | |
Drop / deny this customer1 | |
ACL based on source | tenant and access-policy in Services based on IP address |
ping 10.100.12.3 routing-instance vr-11 source 10.100.11.3 | |
create an access list | |