Hi All, I have 5 VLANs in my network configured in my L3 switch 4500. currently all VLANs can ping and reach each others, means 192.168.3.100 host in my vlan2 can reach 192.168.1.100 which is vlan3. I want to create an ACL in my L3 switch to deny the Vlans to access or ping each other, I just want them to access my servers 172.16.1.10 - 172.16.1.30 which are in the default Vlan1. can someone advise me which the commands and where to apply them in the L3 switch. Thanks interface Vlan2 ip address 192.168.3.1 255.255.255.0 ip helper-address 192.168.16.10 ! interface Vlan3 ip address 192.168.1.1 255.255.255.0 ip helper-address 192.168.16.10 ! interface Vlan4 ip address 192.168.2.1 255.255.255.0 ip helper-address 192.168.16.10 ! interface Vlan5 ip address 192.168.6.1 255.255.255.0 ip helper-address 192.168.16.10 ! interface Vlan6 ip address 192.168.7.1 255.255.255.0 ip helper-address 192.168.16.10 ! ---------------------------------------------- This message has been scanned for viruses and dangerous content by Jambo MailScanner, and is believed to be clean. --------------------------------------------- "easy access to the world"