filter inter-vlan routes

Unanswered Question
May 18th, 2007
User Badges:

how can i filter the inter-vlan routing on a layer 3 switch? i want to route between all vlans except for the management vlan (preventing access vlan traffic from getting to the mgmt vlan and vice versa). is this just done with access lists? can someone please give me an example?


thanks!


matt

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
acomiskey Fri, 05/18/2007 - 12:52
User Badges:
  • Green, 3000 points or more

Could be something as simple as this...


access-list 100 deny ip any

access-list 100 permit ip any any


int vlan 100 (not management vlan)

access-group 100 in

Richard Burts Fri, 05/18/2007 - 13:03
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Matt


I might suggest that a slightly different title for your post might be a bit more appropriate: filtering inter VLAN traffic (rather than routes). Since you seem to be dealing with a layer 3 switch and connected interface routes there is not any way to filter the routes (filtering routes is only possible when routes are advertised between routers or layer 3 switches).


But filtering traffic between VLANs is very posible and Adam has provided an example of how to do that.


HTH


Rick

Actions

This Discussion