Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
221
Views
0
Helpful
1
Replies

create a new seperate vlan

raoul2341
Level 1
Level 1

‎11-10-2009 12:32 PM - edited ‎03-06-2019 08:32 AM

Hi

I recently got involved in the configuration of cisco switches and I have to configure a new switch for a different vlan. All existing devices are on Vlan1. Here is my question:

I have a set of new PCs/Servers that need to be on a seperate VLAN e.g vlan 20. These devices should not be accessed by any other device on Vlan1 but they can access one server on Vlan 1. This is what I have done:

1. Created new vlan 20 and interface vlan 20 on a layer3 switch. The routing on the layer 3 switch is set to route everything through the layer 3 switch (route 0.0.0.0 0.0.0.0 192.168.20.1).

2. On the new switch, I assigned an ip address in the .20.XX range and moved all the ports to vlan 20.

3. Assigned the new Pcs/servers static ip addresses in the same range with default gateway the layer 3 switch 192.168.20.1.

It is all working but in thsi configuration the devices on Vlan1 can access the new devices on vlan20.

Your help is greatly appreciated.

Thanks

Labels:
0 Helpful
1 Reply 1

acomiskey
Level 10
Level 10

‎11-10-2009 12:43 PM

You could do something like this...

access-list 100 permit ip host 192.168.20.0 0.0.0.255

access-list 100 deny ip any 192.168.20.0 0.0.0.255

access-list 100 permit ip any any

int vlan 1

ip access-group 100 in

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card