Our 3750G switch has one VLAN. The switch has workstations and printers attached. We want to only allow communication from a central print server to the printers, so no direct workstation to printer communication. The central print server is on another part of the network. What's the best way to filter restrict traffic to the printers?
Do I need to create another printer VLAN and apply ACLs between the 2? I'm hoping to keep just one VLAN. Thanks.
the 3750s have the possibility to do access-list on both egress and ingress on routed ports. so if you are going with the vlan option you make 2 access-lists, one for inbound traffic to the printers and one for outbound traffic from the printers.
add them to the routed interface (two rows)
"ip access-group 101 in"
"ip access-group 102 out"
in switch mode however there is only in.
so then you will have to add a block (access-list) to every interface on the switches or settle for halfopen connections ie the connection goes to the printer but is blocked on the way back to the sender.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...