Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How user can access vlan1 & Vlan 2

dear all

i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1

how can i add this server to both vlan 1 and vlan 2

3 REPLIES
Hall of Fame Super Blue

Re: How user can access vlan1 & Vlan 2

m_sherifi wrote:

dear all

i have user in vlan20 and all datacenter servers in vlan1 inedd to give permission to this user so he can access only one server in another vlan1

how can i add this server to both vlan 1 and vlan 2

Can you clarify.

You have a user in vlan 20 and he needs access to exactly what ? a server in vlan 1 ? where does vlan 2 come into it ?

Jon

New Member

Re: How user can access vlan1 & Vlan 2

sorry there is no vlan 2

the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20

how can i do this?

Hall of Fame Super Blue

Re: How user can access vlan1 & Vlan 2

m_sherifi wrote:

sorry there is no vlan 2

the case is i have one user - need to give him permission to access DHCP server and internet isa server with lan printer access only and block him seeing my lan

so..

i create vlan 20 and but this user in this vlan and try to but servers and printer in tow vlan 1 and 20

how can i do this?

You can use an acl on the vlan 20 interface to restrict what the user can do eg.

access-list 101 permit ip host host

int vlan 20

ip access-group 101 in

note that with the access-list you can be more specific ie. you don't have to use "permit ip" you can use "permit tcp/udp" and use specific ports. There is an implict deny at the end of any acl so only what you permit will be allowed through.

Jon

499
Views
0
Helpful
3
Replies