Options
Switches and ACL's
stevi3
Member Posts: 33 ■■□□□□□□□□
in CCNA & CCENT
Hi there,
Just a quick question! Ive been asked to set up a switch and add computers into seperate VLANS, the only problem is that they all connect to a central file server. Is there a way to do inter VLAN routing without actually having the router there, maybe through ACL's (trying to use Packet Tracer 5.2 to do this, but i can create an ACL on the router, but i cant apply it to an interface because the command doesnt appear)
Thanks
Steven
Just a quick question! Ive been asked to set up a switch and add computers into seperate VLANS, the only problem is that they all connect to a central file server. Is there a way to do inter VLAN routing without actually having the router there, maybe through ACL's (trying to use Packet Tracer 5.2 to do this, but i can create an ACL on the router, but i cant apply it to an interface because the command doesnt appear)
Thanks
Steven
Comments
-
Optionspeanutnoggin Member Posts: 1,096 ■■■□□□□□□□In order to do interVlan routing... you're going to have to have a layer 3 device (router) or a layer 3 Switch.We cannot have a superior democracy with an inferior education system!
-Mayor Cory Booker -
Optionsstevi3 Member Posts: 33 ■■□□□□□□□□peanutnoggin wrote: »In order to do interVlan routing... you're going to have to have a layer 3 device (router) or a layer 3 Switch.
Yea, I gathered that much, sorry I probably worded it wrong. Is it possible to have VLANS connect to the central server (will be on its own vlan too), but not each other. -
Optionspeanutnoggin Member Posts: 1,096 ■■■□□□□□□□Okay... I see what you're saying...
Clients = Vlan 10
Server = Vlan 20
?
If that is the case... you'll still need a layer 3 device. I believe you can do private vlans using ACLs or something to that affect... which may give you what you are looking for... but I could be totally off basis. Someone with more experience may be able to weigh-in on that... HTH
-PeanutWe cannot have a superior democracy with an inferior education system!
-Mayor Cory Booker -
Optionsrwwest7 Member Posts: 300Please refer to your CCNA study material.
Layer 3 switch to route, then ACL's to lock down. -
Optionspeanutnoggin Member Posts: 1,096 ■■■□□□□□□□Please refer to your CCNA study material.
Layer 3 switch to route, then ACL's to lock down.
Ummm.... actually I was referring the OP to something like this:
Private VLANs and VACLs which is beyond the CCNA level. I personally hadn't configured this before and was therefore unaware if it would accomplish what he was trying to do. This is why I stated... "Someone with more experience may be able to weigh-in on that"
Thanks!
-PeanutWe cannot have a superior democracy with an inferior education system!
-Mayor Cory Booker -
OptionsSysAdmin4066 Member Posts: 443Private VLANs and VACLs are CCNP level knowledge. Private VLANs will accomplish what you are looking for.In Progress: CCIE R&S Written Scheduled July 17th (Tentative)
Next Up: CCIE R&S Lab -
Optionsstevi3 Member Posts: 33 ■■□□□□□□□□Thanks alot for the replies. I know the easier solution would be like you said InterVLAN routing and then use ACL to lock down traffic and still let people connect to file share. I was just asked to look at doing this, but without a Layer 3 switch/router being involved.
Thanks again! -
Optionsjason_lunde Member Posts: 567SysAdmin4066 wrote: »Private VLANs and VACLs are CCNP level knowledge. Private VLANs will accomplish what you are looking for.
He IS alive