Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Intervlan traffic filtering

I have a 3750 switch with intervlan routing enabled. I have created 4 vlans as a,b,c & d. At the moment intervlan routing between all the vlans is possible. But for security reason I DO NOT want vlan c & d to communicate with vlan a & b. I want vlan a to communicate only with vlan b and vlan b to communicate only with vlan a.

Please help me to do this

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: Intervlan traffic filtering

Hello Prasanga,

You configure ACLs to isolate the traffic.

the following link will guide you in implementing it

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swacl.html

HTH

Padmanabhan

Hall of Fame Super Blue

Re: Intervlan traffic filtering

Prasanga

As an example

a = 192.168.5.0/24

b = 192.168.6.0/24

c = 192.168.7.0/24

d = 192.168.8.0/24

access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 permit ip any any

int vlan c

ip access-group 101 in

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 permit ip any any

int vlan d

ip access-group 102 in

Jon

3 REPLIES
Cisco Employee

Re: Intervlan traffic filtering

Hello Prasanga,

You configure ACLs to isolate the traffic.

the following link will guide you in implementing it

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swacl.html

HTH

Padmanabhan

Hall of Fame Super Blue

Re: Intervlan traffic filtering

Prasanga

As an example

a = 192.168.5.0/24

b = 192.168.6.0/24

c = 192.168.7.0/24

d = 192.168.8.0/24

access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 permit ip any any

int vlan c

ip access-group 101 in

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 permit ip any any

int vlan d

ip access-group 102 in

Jon

New Member

Re: Intervlan traffic filtering

Thanks a lot.

It works

125
Views
0
Helpful
3
Replies