I have several remote offices and all offices use the same VLAN's 1,2,3,4,5,6,etc... I was able to create an access-list which will only allow VLAN 1 in one remote office to communicate with VLAN 1 in the other remote offices. The problem I have is when traffic tries to route to the Internet. Normally I would just add an ANY statement for this. But if I do that then all the traffic will be permitted. The other way would be to individually deny traffic to the VLAN's. But this would require a lot of statements and might be difficult to manage. I think there is an easier way to do this. Does anyone have any suggestions. Thanks.
I have this problem too.