cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
523
Views
0
Helpful
2
Replies

Port access

kzhen
Level 1
Level 1

We have a Corp network (VLAN) and guest network (VLAN) setup on the switch 6509E. We are looking for any solutions (restriction) to make the computers in guest network to prevent accessing to any computers in the Corp network and any computers in the Corp network are not able to access to any computers in the guest network, from Layer 3 & Layer 2 perspective. Please advise.

Thank you.

2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

kzhen wrote:

We have a Corp network (VLAN) and guest network (VLAN) setup on the switch 6509E. We are looking for any solutions (restriction) to make the computers in guest network to prevent accessing to any computers in the Corp network and any computers in the Corp network are not able to access to any computers in the guest network, from Layer 3 & Layer 2 perspective. Please advise.

Thank you.

Corp network = vlan 10  192.168.5.0/24

Guest vlan = vlan 11 192.168.6.0/24

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

int vlan 10

ip access-group 101 in

access-list 102 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 permit ip 192.168.6.0 0.0.0.255 any

int vlan 11

ip access-group 102 in

Jon

Ganesh Hariharan
VIP Alumni
VIP Alumni

We have a Corp network (VLAN) and guest network (VLAN) setup on the switch 6509E. We are looking for any solutions (restriction) to make the computers in guest network to prevent accessing to any computers in the Corp network and any computers in the Corp network are not able to access to any computers in the guest network, from Layer 3 & Layer 2 perspective. Please advise.

Thank you.

Hi,

You can achive the above task as suggested by Jon or you can try even VACL for the same,just check out the below links for clear understandings of ACLS to deploy to restrict or permit.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html

http://www.systemengineers.de/cisco/config/access-lists

http://articles.techrepublic.com.com/5100-10878_11-5731134.html

Hope to Help !!

Ganesh.H

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco