Options
vlan
mcsemcsemcse
Member Posts: 17 ■□□□□□□□□□
in CCNP
how can i prevent to access other vlans to spesific vlan i have done all the configuration on switch with 2-6 vlan and router subinterfaces to each vlan i need to prevent now acccessing to vlan 5 from the other vlans but stilll vlan5 should access the other vlans
Comments
-
Options
Forsaken_GA
Member Posts: 4,024
Assuming you've split the vlans into their own subnets, just a matter of using the proper ACL's -
Options
networker050184
Mod Posts: 11,962 Mod
An expert is a man who has made all the mistakes which can be made. -
Optionsdax_kun
Member Posts: 20 ■□□□□□□□□□
I know you can limit the intervlan connection per subinterface.
-
OptionsForsaken_GA
Member Posts: 4,024
While that's good reading, it's probably a bit much for what he wants, though it's hard to make that assumption. Also not going to be very helpful if what he's doing is for studying, as that setup mostly involves CatOS instead of IOS.
He mentions router subinterfaces, so I assume he's doing intervlan routing via router on a stick.
Easiest way to do this would probably be to define an inbound ACL on his vlan5 subinterface that deny's all inbound traffic except that which is already established. That would serve the purpose of isolating vlan5 from everything unless vlan5 spoke to it first -
Optionsnetworker050184
Mod Posts: 11,962 Mod
Sorry, here is the IOS link.
I agree a simple ACL would be the easiest, but there is nothing wrong with broadening your knowledge and having more than one way to skin a cat
An expert is a man who has made all the mistakes which can be made.