Options
vlan
mcsemcsemcse
Member Posts: 17 ■□□□□□□□□□
in CCNP
how can i prevent to access other vlans to spesific vlan i have done all the configuration on switch with 2-6 vlan and router subinterfaces to each vlan i need to prevent now acccessing to vlan 5 from the other vlans but stilll vlan5 should access the other vlans
Comments
-
OptionsForsaken_GA Member Posts: 4,024Assuming you've split the vlans into their own subnets, just a matter of using the proper ACL's
-
Optionsnetworker050184 Mod Posts: 11,962 ModAn expert is a man who has made all the mistakes which can be made.
-
Optionsdax_kun Member Posts: 20 ■□□□□□□□□□I know you can limit the intervlan connection per subinterface.
-
OptionsForsaken_GA Member Posts: 4,024While that's good reading, it's probably a bit much for what he wants, though it's hard to make that assumption. Also not going to be very helpful if what he's doing is for studying, as that setup mostly involves CatOS instead of IOS.
He mentions router subinterfaces, so I assume he's doing intervlan routing via router on a stick.
Easiest way to do this would probably be to define an inbound ACL on his vlan5 subinterface that deny's all inbound traffic except that which is already established. That would serve the purpose of isolating vlan5 from everything unless vlan5 spoke to it first -
Optionsnetworker050184 Mod Posts: 11,962 ModSorry, here is the IOS link.
I agree a simple ACL would be the easiest, but there is nothing wrong with broadening your knowledge and having more than one way to skin a catAn expert is a man who has made all the mistakes which can be made.