Isolate a segment

Unanswered Question
May 21st, 2009
User Badges:

We have a segment that we would like to isolate , that the host within can only communicate with each other but no with anything in the outside.

I wanted to know what would be better to use Private VLANs or a Firewall just for that segment.

Thank you


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Thu, 05/21/2009 - 06:22
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


There is a solution that is more simple than Private VLAN or firewall. You can very effectively isolate that segment by creating the layer 2 VLAN and not configuring an IP address on the VLAN interface. If there is no layer 3 device connected to the segment and doing routing for the segment then all of the host on the segment can communicate with each other but can not communicate with anything outside of that segment.




This Discussion