I recently got involved in the configuration of Cisco switches and I have to configure a new switch for a different VLAN. All existing devices are on VLAN 1. Here is my question:
I have a set of new PCs/servers that need to be on a separate VLAN, e.g. VLAN 20. These devices should not be accessed by any other device on VLAN 1, but they can access one server on VLAN 1. This is what I have done:
1. Created new VLAN 20 and interface VLAN 20 on a layer 3 switch. The routing on the layer 3 switch is set to route everything through the layer 3 switch (route 0.0.0.0 0.0.0.0 192.168.20.1).
2. On the new switch, I assigned an IP address in the .20.XX range and moved all the ports to VLAN 20.
3. Assigned the new PCs/servers static IP addresses in the same range, with the layer 3 switch 192.168.20.1 as the default gateway.
It is all working, but in this configuration the devices on VLAN 1 can access the new devices on VLAN 20.
Your help is greatly appreciated.