How user can access vlan1 & Vlan 2

Unanswered Question
May 8th, 2010
User Badges:

dear all


i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1


how can i add this server to both vlan 1 and vlan 2

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Sat, 05/08/2010 - 02:34
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

m_sherifi wrote:


dear all


i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1


how can i add this server to both vlan 1 and vlan 2


Can you clarify.


You have a user in vlan 20 and he needs access to exactly what ? a server in vlan 1 ? where does vlan 2 come into it ?


Jon

m_sherifi Sat, 05/08/2010 - 02:56
User Badges:

sorry there is no vlan 2


the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20


how can i do this?

Jon Marshall Sat, 05/08/2010 - 02:59
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

m_sherifi wrote:


sorry there is no vlan 2


the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20


how can i do this?


You can use an acl on the vlan 20 interface to restrict what the user can do eg.


access-list 101 permit ip host host


int vlan 20

ip access-group 101 in


note that with the access-list you can be more specific ie. you don't have to use "permit ip" you can use "permit tcp/udp" and use specific ports. There is an implict deny at the end of any acl so only what you permit will be allowed through.


Jon

Actions

This Discussion