vlan

mcsemcsemcsemcsemcsemcse Member Posts: 17 ■□□□□□□□□□
in CCNP
how can i prevent to access other vlans to spesific vlan i have done all the configuration on switch with 2-6 vlan and router subinterfaces to each vlan i need to prevent now acccessing to vlan 5 from the other vlans but stilll vlan5 should access the other vlans
· Share on FacebookShare on Twitter

Comments

  • Forsaken_GAForsaken_GA Member Posts: 4,024
    Assuming you've split the vlans into their own subnets, just a matter of using the proper ACL's
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Private VLANs.
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • dax_kundax_kun Member Posts: 20 ■□□□□□□□□□
    I know you can limit the intervlan connection per subinterface.
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    While that's good reading, it's probably a bit much for what he wants, though it's hard to make that assumption. Also not going to be very helpful if what he's doing is for studying, as that setup mostly involves CatOS instead of IOS.

    He mentions router subinterfaces, so I assume he's doing intervlan routing via router on a stick.

    Easiest way to do this would probably be to define an inbound ACL on his vlan5 subinterface that deny's all inbound traffic except that which is already established. That would serve the purpose of isolating vlan5 from everything unless vlan5 spoke to it first
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Sorry, here is the IOS link.


    I agree a simple ACL would be the easiest, but there is nothing wrong with broadening your knowledge and having more than one way to skin a cat icon_wink.gif
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.