SFE2000 & ACL to stop VLAN traffic

Unanswered Question
Sep 25th, 2010

Hi All,

I have setup a new SFE2000 switch to work in Layer 3 mode using the IP address on VLAN 1

Additional VLAN's are:

VLAN2     192.168.102.x     To be used for guest wireless access

VLAN3     192.168.103.x

VLAN4     192.168.104.x

I would like VLAN1, 2, 3 and 4 to be able to communicate with each other while VLAN2 (Guest) needs to be restricted from everything except web access and dhcp assignment from our server.

I have been playing with various ACL's in an effort to accomplish this but so far I have drawn a blank in getting this working.

Can any one draw any light to a managed switch newbie

Thanks in advance


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
james.spencer Sat, 09/25/2010 - 12:21

Ok so I have been playing around with this for most of the day and got no joy what so ever.


I investigated the possibility of CLI and founf lcli which allowed me to create the acl's and the rules and assign them to the interfaces.

Bing! Hey presto it worked.

Not sure why the web interface didn't but such is life.

I was able to get this working with ACLs and setting a static route from the router (in my case Sonicwall TZ 180) back to the SG300 network. I have enclosed screen shots of the config from the GUI. You need to bind the ACL to whatever

ports you want to filter the guest traffic either where they would connect a hard wired connection or where you would connect your Wireless AP. The ACL I have created allows VLAN 13 to get a DHCP address and communicate through DNS but nothing else. is the Sonicwall router which I wanted on a different VLAN.

Hope this helps others with their setup.


This Discussion