How user can access vlan1 & Vlan 2

m_sherifi · ‎05-08-2010

dear all

i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1

how can i add this server to both vlan 1 and vlan 2

Jon Marshall · ‎05-08-2010

m_sherifi wrote:

dear all

i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1

how can i add this server to both vlan 1 and vlan 2

Can you clarify.

You have a user in vlan 20 and he needs access to exactly what ? a server in vlan 1 ? where does vlan 2 come into it ?

Jon

m_sherifi · ‎05-08-2010

sorry there is no vlan 2

the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20

how can i do this?

Jon Marshall · ‎05-08-2010

m_sherifi wrote:

sorry there is no vlan 2

the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20

how can i do this?

You can use an acl on the vlan 20 interface to restrict what the user can do eg.

access-list 101 permit ip host host

int vlan 20

ip access-group 101 in

note that with the access-list you can be more specific ie. you don't have to use "permit ip" you can use "permit tcp/udp" and use specific ports. There is an implict deny at the end of any acl so only what you permit will be allowed through.

Jon