Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
586
Views
0
Helpful
4
Replies

VACL for guest http access

Michael Sales
Level 1
Level 1

‎02-10-2007 05:33 AM - edited ‎03-05-2019 02:16 PM

6513 core switch with MSFC 15 and 16 configured with Inter-vlan routing and static routes to internet.

I want to setup a wireless guest network on school wide network and limit only web access in and out to port 80. I want to create a guest vlan with a VACL to segment.

Is this a good solution and what is the best VACL config?

Labels:
0 Helpful
4 Replies 4

jain.nitin
Level 3
Level 3

‎02-11-2007 10:39 AM

Hi, YEs with the help of vlans u can restric the traffic via source IP, dest IP, Src port & dest port. I wud suggest to create a separate vlan for wireless & on that vlan apply VACL which allow only http traffic.

Hope it will give u some idea.

Thanks

Ninja

0 Helpful

Michael Sales
Level 1
Level 1
In response to jain.nitin

‎02-14-2007 04:30 PM

Thanks jain,

I have the VLAN created with a small subnet. Routing is working to the internet. I'm not sure on the VACL. Do I apply them at the MSFC or the sup?

I've read on VACL's and It's a bit sketchy, I've seen code for both.

Not sure where to apply.

0 Helpful

bfledderjohn
Level 1
Level 1
In response to Michael Sales

‎04-06-2007 12:59 PM

I posed this same question to a Cisco tech and was told to apply the vacl to the sup, not the MSFC.

0 Helpful

Michael Sales
Level 1
Level 1
In response to bfledderjohn

‎05-11-2007 04:20 AM

Hi,

That was correct...thanks for your help. It works like a charm. Need to do this more often.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card