Need Help with Creating Switch ACL Rules Equivalent to Stateful Gateway ACL Rules
I recently figured out how to use the Gateway Stateful ACL, which, as a network novice, I find to be the simplest to understand. I've set up some basic ACL rules to block traffic between my VLANs: my "Default" VLAN can access the "IoT" VLAN, but not the other way around. This setup works well for most of my needs.
Now, of course, I have a situation where I need a specific device on my IoT VLAN to communicate with a server on my Default VLAN. From what I understand, because I've set up deny rules on my gateway, I can't override them later with allow rules on the Switch ACLs, since permit rules need to be placed before deny rules.
What I'm looking for is a working example of a set of Switch ACL rules that are equivalent to the Gateway Stateful ACL rule (blocking IoT from accessing Default, but Default can access IoT).
I can't wrap my head around how Switch ACLs work, but maybe once I see such an example that works like the stateful Gateway rule (if it's even possible), I'll be able to add the permit rule myself above those.
Thanks
TrekkieDK
Denmark
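The following is an added illustration, not something from the original post or from any specific switch or gateway vendor. It models the two things the question turns on: first-match ACL ordering (a permit exception must sit above the broad deny it carves out of), and the usual stateless stand-in for a stateful "reply traffic" rule, namely permitting TCP segments with ACK or RST set. It also shows where that stand-in breaks. The VLAN subnets, the server address, the IoT device address and the implicit default-permit at the end of the ACL are all assumptions made for the example.

```python
"""Added example: first-match ACL evaluator contrasting a stateful gateway
rule with a stateless switch-ACL approximation. Not vendor configuration."""
from ipaddress import ip_address, ip_network

# Assumed addressing (constructed for this example, not from the post).
DEFAULT_VLAN = ip_network("192.168.1.0/24")
IOT_VLAN = ip_network("192.168.20.0/24")
SERVER = ip_address("192.168.1.10")        # server on Default that one IoT device must reach
IOT_DEVICE = ip_address("192.168.20.50")   # the one IoT device granted access
ANY = ip_network("0.0.0.0/0")


def host(addr):
    """/32 network for a single host."""
    return ip_network(f"{addr}/32")


def rule(action, src, dst, proto="any", established=False):
    """One ACL entry. 'established' matches only TCP segments carrying ACK or
    RST: the classic stateless stand-in for 'reply to an existing session'."""
    return {"action": action, "src": src, "dst": dst,
            "proto": proto, "established": established}


def _matches(r, pkt):
    if ip_address(pkt["src"]) not in r["src"] or ip_address(pkt["dst"]) not in r["dst"]:
        return False
    if r["proto"] != "any" and r["proto"] != pkt["proto"]:
        return False
    if r["established"]:
        return pkt["proto"] == "tcp" and bool(pkt.get("flags", set()) & {"ACK", "RST"})
    return True


def evaluate(acl, pkt, default="permit"):
    """First-match semantics: the first matching rule decides, so order matters.
    The implicit action when nothing matches is an assumption (default permit here);
    many switch ACLs end in an implicit deny instead, so check the real device."""
    for r in acl:
        if _matches(r, pkt):
            return r["action"]
    return default


# Stateless approximation of "Default may reach IoT, IoT may not reach Default",
# with the single-device exception placed ABOVE the deny it overrides.
SWITCH_ACL = [
    rule("permit", host(IOT_DEVICE), host(SERVER)),                         # the exception
    rule("permit", IOT_VLAN, DEFAULT_VLAN, proto="tcp", established=True),  # TCP replies only
    rule("deny",   IOT_VLAN, DEFAULT_VLAN),                                 # IoT may not initiate
    rule("permit", ANY, ANY),                                               # everything else
]


def stateful_evaluate(pkt, conntrack):
    """Stateful gateway behaviour as described in the post (no exception yet):
    Default -> IoT is permitted and recorded; IoT -> Default passes only if it is
    the reverse of a recorded flow, whatever the protocol."""
    src, dst = ip_address(pkt["src"]), ip_address(pkt["dst"])
    key = (pkt["src"], pkt["dst"], pkt["proto"], pkt.get("sport"), pkt.get("dport"))
    reverse = (pkt["dst"], pkt["src"], pkt["proto"], pkt.get("dport"), pkt.get("sport"))
    if src in DEFAULT_VLAN and dst in IOT_VLAN:
        conntrack.add(key)
        return "permit"
    if src in IOT_VLAN and dst in DEFAULT_VLAN:
        return "permit" if reverse in conntrack else "deny"
    return "permit"


def demo():
    """Run constructed packets through both models; returns
    {name: (switch_acl_verdict, stateful_gateway_verdict)} in packet order."""
    conntrack = set()
    packets = {  # constructed sample traffic
        "default_to_iot_tcp_syn": {"src": "192.168.1.20", "dst": "192.168.20.7", "proto": "tcp",
                                   "sport": 40000, "dport": 80, "flags": {"SYN"}},
        "iot_reply_tcp_synack":   {"src": "192.168.20.7", "dst": "192.168.1.20", "proto": "tcp",
                                   "sport": 80, "dport": 40000, "flags": {"SYN", "ACK"}},
        "iot_initiates_tcp_syn":  {"src": "192.168.20.7", "dst": "192.168.1.20", "proto": "tcp",
                                   "sport": 5000, "dport": 22, "flags": {"SYN"}},
        "iot_device_to_server":   {"src": "192.168.20.50", "dst": "192.168.1.10", "proto": "tcp",
                                   "sport": 5001, "dport": 443, "flags": {"SYN"}},
        "default_to_iot_udp":     {"src": "192.168.1.20", "dst": "192.168.20.7", "proto": "udp",
                                   "sport": 50000, "dport": 53},
        "iot_reply_udp":          {"src": "192.168.20.7", "dst": "192.168.1.20", "proto": "udp",
                                   "sport": 53, "dport": 50000},
    }
    return {name: (evaluate(SWITCH_ACL, pkt), stateful_evaluate(pkt, conntrack))
            for name, pkt in packets.items()}


if __name__ == "__main__":
    for name, (switch, gateway) in demo().items():
        print(f"{name:24s} switch={switch:6s} gateway={gateway}")
```

Two results are the ones to look at. `iot_device_to_server` is permitted by the switch ACL because the exception sits above the deny, while the gateway as described still denies it. `iot_reply_udp` is the caveat: the stateless "established" trick only works for TCP, so UDP (and ICMP) replies from IoT to Default are dropped by the switch ACL even though the stateful gateway would pass them; a real switch ACL needs explicit permits for those reply flows, or the sessions need to be initiated the other way.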