secure VLAN

Unanswered Question
Sep 2nd, 2008

I've setup a Cisco 3750 & 3560 with VLAN20 & VLAN30. Is it by default that VLAN20 & VLAN30 are isolated i.e. users on VLAN20 are not able to view VLAN30 files & folders ?

If no, hope I can get some samples to secure the VLANs.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mahmoodmkl Tue, 09/02/2008 - 01:26


Yes the user will not be able to access the resources from each others vlan.

Just to ask have u used different subnets for these 2 vlans.



Jon Marshall Tue, 09/02/2008 - 02:56

It depends on your setup.

If the switches are connected to each via a trunk link and you have created L3 SVI's for each vlan ie.

int vlan 20

ip address

int vlan 30

ip address

then yes users on vlan 20 can view files and folders on vlan 30 and vice-versa from a network level. Whether they have permissions at the OS level is another matter.

If you want to stop this happening, using the addressing above as an example

access-list 101 deny ip

access-list 101 permit ip any any

access-list 102 deny ip

access-list 102 permit ip any any

int vlan 20

ip access-group 101 in

int vlan 30

ip access-group 102 in



This Discussion