I'm looking for any example code of the following. I think I know how to handle this, but I'd like to see some kind of example to go by.
I currently have 3 sites. Each site has at least one 3560 switch and each site has a 2800 router. (One site has a 2821, one has a 2811, and one has a 2801.) Each site is connected to the two others via point-to-point T1 (3 T1s total). Everything is working between them. I also have 4 VLANs connected that potentially can already see each other.
I'd like to add another VLAN.
There is one TV appliance at each of our buildings and a computer that sends out data to the appliances. I have the VLAN added on each switch and each switch has the port set up correctly. I also have the 3 routers set up correctly so that the computer can see all 3 appliances. What I'm looking for next is how to only allow the appliances to see each other, but deny VLAN 9 from accessing any other VLAN, with the exception of a single IP address on VLAN 2 (the Internet gateway). I think this can be done via access-lists, but I'm open to other suggestions or looking for an example so I don't accidentally deny all traffic on the router. Thank you!!!
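One way to express the restriction described above as an extended ACL on one site's router, added here as an illustration and not part of the original post. Every address, the ACL name `VLAN9-IN` and the subinterface `FastEthernet0/0.9` are constructed assumptions: VLAN 9 is taken to be 10.1.9.0/24, 10.2.9.0/24 and 10.3.9.0/24 at the three sites, the sending computer is taken to sit in VLAN 9, the VLAN 2 gateway is taken to be 10.1.2.1, and the 2800 is assumed to route VLAN 9 on a dot1Q subinterface.

```cisco
! Site A router. All addresses and names are constructed placeholders.
! Sites B and C use the same list with their own VLAN 9 subnet as the source.
ip access-list extended VLAN9-IN
 remark VLAN 9 to its own gateway address and local subnet
 permit ip 10.1.9.0 0.0.0.255 10.1.9.0 0.0.0.255
 remark VLAN 9 to the VLAN 9 subnets at the other two sites
 permit ip 10.1.9.0 0.0.0.255 10.2.9.0 0.0.0.255
 permit ip 10.1.9.0 0.0.0.255 10.3.9.0 0.0.0.255
 remark the one permitted address on VLAN 2 (traffic addressed to that host)
 permit ip 10.1.9.0 0.0.0.255 host 10.1.2.1
 remark everything else from VLAN 9 is dropped and logged
 deny ip any any log
!
! The list is bound only to the VLAN 9 subinterface, inbound, so traffic
! arriving from the other four VLANs and the T1 links is never evaluated
! against it. The explicit deny above only makes the implicit deny visible.
interface FastEthernet0/0.9
 encapsulation dot1Q 9
 ip address 10.1.9.1 255.255.255.0
 ip access-group VLAN9-IN in
!
! If VLAN 9 hosts get addresses from DHCP through this router, a line such as
!  permit udp any eq bootpc any eq bootps
! is needed above the deny, because DHCP requests are sourced from 0.0.0.0.
```

Running `reload in 10` before applying the change and `reload cancel` once connectivity is confirmed gives an automatic rollback if the unsaved configuration cuts off access. `show access-lists VLAN9-IN` shows per-line match counters, which confirms whether the deny line is catching traffic it should not.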