Question : VLAN ACL ?

Dear Experts:
I need your help ASAP , look  at my network Topology carefully  and I will give u a brief about it
-      I have 3 switches as follows : 1- CoreSwitch ( 3Com 4800G )
        2- Sw1 + Sw2 ( 3Com 2920 Plus )
-      And I have 3 VLANs defined on Coreswich As follows :
-      VLAN1 : IP address : 172.16.1.1 /24
-      VLAN2 : IP  address : 172.16.2.1/24
-      VLAN3 : IP address : 172.16.3.1 /24

•      VLAN 1 (contains Servers DC, DNS, Exchange server and some hosts)
Server(DC+ DNS ) : 172.16.1.20 / 24
Server( Exchange):172.16.1.21/24
•      VLAN2 (Host only )
Host A : IP address : 172.16.2.10
Host B : Ip address : 172.16.2.11
•      VLAN3 ( Host Only )
Host A : IP address : 172.16.3.10
Host B : Ip address : 172.16.3.11
Goal;
 I need VLAN 2 + VLAN3 Can access to VLAN1
VLAN 2 + VLAN3 Cannot access each other

Please advice me…what should I do ..to solve this problem

Thanks

Attachments:

VLANS.jpg (79 KB) (File Type Details) 

Daiagram

Answer : VLAN ACL ?

Thanks All
But i solved my problem ....by my Self

I applied ACL on CoreSwitch using this command :

ACL 1 Configuration :

rule permit  Source 172.16.2.0 0.0.0.255 Destination 172.16.3.0 0.0.0.255

# then Go to interface VLAN 3
and Apply this command : Packet-filter ( name or number of ACL 1 ) inbound

ACL 2 Configuration :

rule permit  Source 172.16.3.0 0.0.0.255 Destination 172.16.2.0 0.0.0.255

# then Go to interface VLAN 2
and Apply this command : Packet-filter ( name or number of ACL 1 ) inbound

Thats all

Thanks for Every one

Bye