assistance requested in configuring VLANs

jaimegorum
Level 1

I have VLAN A with Server A1, Server A2, etc. on it.

I have VLAN B with Server B1, Server B2, etc. on it.

I need Server A1 (on VLAN A) to see Server B1 (on VLAN B) only - no other devices.

While there may be multiple ways to accomplish this, I'm hoping that you can provide me with the best way/s (i.e., how to configure this on the switch or any other ways). Please note that I am hoping to avoid installing a second NIC in Server A1.

Thanks in advance.

3 Replies

Jon Marshall
Hall of Fame

Hi

Are the L3 VLAN interfaces on the switch or on a router? Assuming they are on a switch:

access-list 101 permit ip host "server A1 ip address" host "server B1 ip address"

access-list 101 deny ip host "server A1 ip address" any

access-list 101 permit ip any any

interface vlan A

ip access-group 101 in

Couple of things to note

1) The above access-list allows server A1 to only talk to server B1 and absolutely nothing else.

2) There is a permit ip any any at the end of the access-list to allow other server traffic.

HTH

Jon
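
An added example, not part of the original posts: a small Python model of how the three-line ACL above is evaluated (first match wins, implicit deny at the end), so the effect on each flow can be checked before it goes on the switch. The IP addresses are constructed sample values, and the parser handles only the `access-list N permit|deny ip SRC DST` form used in this thread.

```python
import ipaddress

# Constructed sample addresses (assumption, not from the thread):
# VLAN A = 10.0.10.0/24, VLAN B = 10.0.20.0/24
A1, A2 = "10.0.10.11", "10.0.10.12"
B1, B2 = "10.0.20.11", "10.0.20.12"

# The ACL from the reply above with the placeholders filled in.
ACL_101 = f"""
access-list 101 permit ip host {A1} host {B1}
access-list 101 deny ip host {A1} any
access-list 101 permit ip any any
"""

def _take_addr(tokens):
    """Consume 'any', 'host X' or 'X WILDCARD'; return (base, care_mask)."""
    word = tokens.pop(0)
    if word == "any":
        return 0, 0  # no bits are compared
    if word == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0xFFFFFFFF
    wildcard = int(ipaddress.IPv4Address(tokens.pop(0)))
    return int(ipaddress.IPv4Address(word)), ~wildcard & 0xFFFFFFFF

def parse_acl(text):
    """Parse the ACL text into an ordered list of (action, src, dst)."""
    entries = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
            raise ValueError(f"unsupported line: {line!r}")
        action, rest = tokens[2], tokens[4:]
        src, dst = _take_addr(rest), _take_addr(rest)
        entries.append((action, src, dst))
    return entries

def evaluate(entries, src_ip, dst_ip):
    """Return the action of the first matching entry, else implicit deny."""
    s = int(ipaddress.IPv4Address(src_ip))
    d = int(ipaddress.IPv4Address(dst_ip))
    for action, (sb, sm), (db, dm) in entries:
        if (s & sm) == (sb & sm) and (d & dm) == (db & dm):
            return action
    return "deny"

if __name__ == "__main__":
    acl = parse_acl(ACL_101)
    for src, dst in [(A1, B1), (A1, B2), (A1, "192.0.2.1"), (A2, B1), (A2, B2)]:
        print(f"{src:>12} -> {dst:<12} {evaluate(acl, src, dst)}")
```

The model covers only packets routed inbound through the VLAN A interface; traffic between hosts inside VLAN A is switched at layer 2 and never reaches this ACL. The A2 rows show that the final permit leaves every other VLAN A server free to reach B1 and the rest of VLAN B.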

Is there routing between the VLANs at the moment or does that need setting up as well?

Basically we need to find out where the routing is taking place and apply the access control list there.

thomas.anthony
Level 1

The best way would be Private VLANs, but make sure your switch supports this. The link below gives more information:

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_configuration_example09186a008017acad.shtml
