New Member

Access-list Switch 3750

Hello,

I request your assistance to set up access-list in order to prohibit the dialogue between VLANs. In my config I have 10 VLANs and I would not like that they discuss between them, but except my VLAN 4 (Administration) I have my dhcp configured above.

In short: 10 VLANs and allow just the dialogue with the VLAN 4 and to prohibit all.

Here is the current config of my switch:

Thank you

4 REPLIES
Hall of Fame Super Blue

Re: Access-list Switch 3750

Hi

access-list 101 permit ip any 192.168.0.0 0.0.0.255

access-list 101 deny ip any any

interface vlan2

ip access-group 101 in

interface vlan3

ip access-group 101 in

Couple of things to note

1) This will only allow vlan 2 / 3 etc. to talk to vlan 4. They will not be allowed to talk to any other destination IP addresses.

2) You don't have to use the same access-list number (101) for every vlan interface if you don't want.

3) If you want to allow your vlans to talk to external IP addresses other than those on the switch your access-list would look

for vlan 2

access-list 101 permit ip any 192.168.0.0 0.0.0.255

access-list 101 deny ip any 192.168.3.0 0.0.0.255

access-list 101 deny ip any 192.168.6.0 0.0.0.255

etc... for each of your vlans

access-list 101 permit ip any any

HTH

Jon
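
To check what an ACL like the one in the reply above does before applying it to a VLAN interface, here is an added example (not part of Jon's reply and not a Cisco tool) that models extended-ACL evaluation: wildcard-mask matching, first match wins, implicit deny at the end. The source host 192.168.2.10 and the external address 203.0.113.9 are constructed sample values; the thread does not state VLAN 2's subnet.

```python
import ipaddress

# ACL 101 for VLAN 2, copied from the reply above (the variant that allows external destinations).
ACL_101 = """\
access-list 101 permit ip any 192.168.0.0 0.0.0.255
access-list 101 deny ip any 192.168.3.0 0.0.0.255
access-list 101 deny ip any 192.168.6.0 0.0.0.255
access-list 101 permit ip any any
"""

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_spec(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    tok = tokens.pop(0)
    if tok == "any":
        return 0, 0xFFFFFFFF
    if tok == "host":
        return to_int(tokens.pop(0)), 0
    return to_int(tok), to_int(tokens.pop(0))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines into an ordered rule list."""
    rules = []
    for line in filter(None, map(str.strip, text.splitlines())):
        t = line.split()
        if len(t) < 6 or t[0] != "access-list" or t[2] not in ("permit", "deny") or t[3] != "ip":
            raise ValueError(f"unsupported ACL line: {line!r}")
        rest = t[4:]
        rules.append((t[2], parse_spec(rest), parse_spec(rest)))
    return rules

def matches(addr, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
    return (to_int(addr) & care) == (base & care)

def evaluate(rules, src, dst):
    """First matching entry wins; a packet matching no entry hits the implicit deny."""
    for action, src_spec, dst_spec in rules:
        if matches(src, src_spec) and matches(dst, dst_spec):
            return action
    return "deny"

if __name__ == "__main__":
    rules = parse_acl(ACL_101)
    # Constructed packets: 192.168.2.10 is an assumed VLAN 2 host, 203.0.113.9 an external address.
    for dst in ("192.168.0.5", "192.168.3.7", "203.0.113.9"):
        print(dst, evaluate(rules, "192.168.2.10", dst))
```

Running the same packets against an ACL that contains only the first permit line shows the implicit deny: everything except 192.168.0.0/24 is dropped even without an explicit deny entry.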

New Member

Re: Access-list Switch 3750

Thank you very much for your assistance. I will test and I will keep you informed

New Member

Re: Access-list Switch 3750

What is the difference if I change the access-list number for every VLAN?

Hall of Fame Super Blue

Re: Access-list Switch 3750

Hi

If you wanted to see how many hits per vlan you are getting then use separate access-lists or if you need to be more granular and the rules are not exactly the same per vlan.

HTH

Jon
