06-07-2008 08:59 PM - edited 03-05-2019 11:29 PM
I have a 3750 switch with intervlan routing enabled. I have created 4 vlans as a,b,c & d. At the moment intervlan routing between all the vlans is possible. But for security reason I DO NOT want vlan c & d to communicate with vlan a & b. I want vlan a to communicate only with vlan b and vlan b to communicate only with vlan a.
Please help me to do this
Solved! Go to Solution.
06-07-2008 09:18 PM
Hello Prasanga,
You configure ACLs to isolate the traffic.
the following link will guide you in implementing it
HTH
Padmanabhan
06-08-2008 01:42 AM
Prasanga
As an example
a = 192.168.5.0/24
b = 192.168.6.0/24
c = 192.168.7.0/24
d = 192.168.8.0/24
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 101 permit ip any any
int vlan c
ip access-group 101 in
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 102 permit ip any any
int vlan d
ip access-group 102 in
Jon
06-07-2008 09:18 PM
Hello Prasanga,
You configure ACLs to isolate the traffic.
the following link will guide you in implementing it
HTH
Padmanabhan
06-08-2008 01:42 AM
Prasanga
As an example
a = 192.168.5.0/24
b = 192.168.6.0/24
c = 192.168.7.0/24
d = 192.168.8.0/24
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 101 permit ip any any
int vlan c
ip access-group 101 in
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 102 permit ip any any
int vlan d
ip access-group 102 in
Jon
06-14-2008 10:11 PM
Thanks a lot.
It works
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide