
Intervlan traffic filtering

gamage123
Level 1

I have a 3750 switch with inter-VLAN routing enabled. I have created 4 VLANs: a, b, c and d. At the moment inter-VLAN routing between all the VLANs is possible. But for security reasons I DO NOT want VLANs c and d to communicate with VLANs a and b. I want VLAN a to communicate only with VLAN b, and VLAN b to communicate only with VLAN a.

Please help me to do this.

Accepted Solutions

padramas
Cisco Employee

Hello Prasanga,

You configure ACLs to isolate the traffic.

The following link will guide you in implementing it:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swacl.html

HTH

Padmanabhan


Jon Marshall
Hall of Fame

Prasanga

As an example

a = 192.168.5.0/24
b = 192.168.6.0/24
c = 192.168.7.0/24
d = 192.168.8.0/24

access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 101 permit ip any any
int vlan c
 ip access-group 101 in

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 102 permit ip any any
int vlan d
 ip access-group 102 in

Jon
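The following is an added example, not part of the original answer: a small Python model of the two ACLs above that checks which inter-VLAN packets the switch would route. The function names and the .10 host addresses are assumptions made for illustration; the model covers only source/destination matching, first-match ordering and the implicit deny.

```python
import ipaddress

# ACL lines copied from the answer above; host addresses used with this model are constructed.
CONFIG = """\
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 101 permit ip any any
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 102 permit ip any any
"""
INBOUND_ACL = {"c": "101", "d": "102"}  # from the "ip access-group ... in" lines; a and b have none
SUBNETS = {"a": "192.168.5.0/24", "b": "192.168.6.0/24",
           "c": "192.168.7.0/24", "d": "192.168.8.0/24"}

def _spec(tokens):
    # Consume one address spec ("any" or "address wildcard"); return (base, care_mask).
    if tokens[0] == "any":
        tokens.pop(0)
        return 0, 0
    addr = int(ipaddress.ip_address(tokens.pop(0)))
    care = ~int(ipaddress.ip_address(tokens.pop(0))) & 0xFFFFFFFF  # wildcard 1-bits are "don't care"
    return addr & care, care

def parse(config):
    acls = {}
    for line in config.splitlines():
        t = line.split()
        if t[:1] == ["access-list"]:
            rest = t[4:]  # t[1]=number, t[2]=action, t[3]=protocol ("ip" in every entry here)
            acls.setdefault(t[1], []).append((t[2], _spec(rest), _spec(rest)))
    return acls

def acl_permits(entries, src, dst):
    # First matching entry wins; no match falls through to the implicit deny.
    s, d = int(ipaddress.ip_address(src)), int(ipaddress.ip_address(dst))
    for action, (sb, sm), (db, dm) in entries:
        if (s & sm) == sb and (d & dm) == db:
            return action == "permit"
    return False

def packet_routed(src, dst):
    # True if a packet arriving on the source VLAN's SVI passes that SVI's inbound ACL.
    vlan = next(v for v, n in SUBNETS.items() if ipaddress.ip_address(src) in ipaddress.ip_network(n))
    number = INBOUND_ACL.get(vlan)
    return number is None or acl_permits(parse(CONFIG)[number], src, dst)

def two_way(x, y):
    # A request/response exchange needs both directions to be routed.
    return packet_routed(x, y) and packet_routed(y, x)
```

In this model a packet from VLAN a or b toward c or d is still routed, because no ACL is applied on the a and b interfaces; only the reply is dropped at the c or d interface. Matching deny entries applied inbound on the VLAN a and b interfaces would drop the forward direction as well.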

Thanks a lot.

It works
