LAN Users are on VLAN#5
Web-Server on VLAN#10
Backup Network on VLAN#25
Lan_Users : 192.168.100/24
Web_server : 10.10.10.1/24
Backup Network : 192.168.1.0/24
nework 10.10.10.0 0.0.0.255
network 192.168.100.0 0.0.0.255
Backup Network is not configured on OSPF still LAN_Users are able to access the Backup_Network and ping it.
We dont want Backup_Network VLAN to communicate with Other VLAN.
Can someone help on this.
you would need to configure your C4500 using the command:
interface vlan 25
ip address ....
only if the devices that are in VLAN25 need to communicate with devices outside VLAN 25.
If devices in VLAN25 only need to communicate with device inside VLAN25, you do not need to configure an interface vlan 25.
Regarding the question about what the reason is that other devices can communicate with devices in VLAN 25; Because you configured an IP address on you C4500, the subnet is put into the routing table as "directly connected". This means that the C4500 has an IP address in VLAN 25 (directly connected).
Devices in other VLANs on your C4500 have this C4500 as default gateway. When they try to connect to an IP Address inside VLAN25, they use their default gateway, reach the C4500 which performs a routing table lookup, and finds that VLAN25 is directly connected and forwards traffic.
If you delete the interface VLAN 25
no interface vlan 25
the subnet is erased from the routing table and nobody outside VLAN25 is cabapble of communicating with devices inside VLAN25, like you want.