Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Blocking access to a VLAN

Is there a quick way to block access to one Vlan?

I have 6 buildings interconnected by fiber.  I am about to add a new building.

For the new building, they should be allowed access to all buildings except building 5 (VLAN 5).

Which switch do I put the restriction on (the one in the new building, or the one in Building 5, or be super paranoid and do both, lol).  What is the command?  (These are connected via trunking ports)

Thank you.

  • LAN Switching and Routing
2 REPLIES

Re: Blocking access to a VLAN

Do you need to have vlan 5 get access to this building but not the other way around? You can configure an acl on the svi for vlan 5 on your core switch. If you don't need them to have access to vlan 5 at all, don't create the vlan on the switch and don't allow the vlan over the trunk to that switch.

What type of switch is in building 5? L2 or L3? Is there a direct connect from this new building to Building 5 (I'm assuming not.) It may help to have a diagram of what your layout is to so we can see the path the data would take......

HTH,

John

HTH, John *** Please rate all useful posts ***

Re: Blocking access to a VLAN

Is there a quick way to block access to one Vlan?

I have 6 buildings interconnected by fiber.  I am about to add a new building.

For the new building, they should be allowed access to all buildings except building 5 (VLAN 5).

Which switch do I put the restriction on (the one in the new building, or the one in Building 5, or be super paranoid and do both, lol).  What is the command?  (These are connected via trunking ports)

Thank you.

Hi,

Better thumb rule say apply the ACL near to source that building 6,You can configure acl with permit all and deny vlan 5 subnet and apply to in direction on buliding 6 switch.

Check out the below link for ACL configuration

http://www.cisco.rw/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

171
Views
0
Helpful
2
Replies
This widget could not be displayed.