Random layout question

Ok, Im at work and cant test this...but I just thought of it and not being able to test it is going crazy, so I want to check with you guys.

I have a wired home computer to a linksys router which is connected to a cable modem.....thats how the computer gets to the net, what I want to do is apply an ACL to block the computer from accessing or only allowing it to access certain sites on the using ACL. Here's my concept.

Leave the modem connected to the linksys, connect the linksys to a switch via a cross over cable, connect the computer to the switch, and the switch to a router. Put the "internet" in vlan 2, and the computer in vlan 3, and make the link to the router a trunk port, then apply an access list to the sub-interface of the router that is associated to vlan 3 that is an extended list.

Sound plausible? or could I accomplish this differently?

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

BubbaJ

Yes, but there are some things to think about.

Does the Linksys (some models do) have the parental control ability? This is similar to what you are trying to accomplish.

You will have to use a static address on the PC, or you will have to set up DHCP on the router, since the Linksys can't do it through the router.

You could get a small Layer 3 switch to use in place of the Linksys, switch, and router.

Danman32

Is this for 'production' or as a lab for certification training?

If this is for 'production', using the linksys's features may be better as Wizard suggested.

wizarddeath

Danman32 wrote:

Is this for 'production' or as a lab for certification training?

If this is for 'production', using the linksys's features may be better as Wizard suggested.

Home lab

Danman32

It should work if without the ACLs the traffic is getting routed. Just remember that your linksys is probably the NAT firewall, so the destination address for inbound traffic and source address for outbound traffic is not the linksys' public address as far as the router is concerned, but the source and destination for inbound/outbound still is the original public address.

Have fun with it. I wish I could get a setup like that. Maybe soon.