secure VLAN

tmssupport
Level 1

I've set up a Cisco 3750 & 3560 with VLAN20 & VLAN30. Is it by default that VLAN20 & VLAN30 are isolated, i.e. users on VLAN20 are not able to view VLAN30 files & folders?

If no, hope I can get some samples to secure the VLANs.

regards,

2 Replies

mahmoodmkl
Level 7

Hi

Yes, the users will not be able to access the resources in each other's VLAN.

Just to ask, have you used different subnets for these 2 VLANs?

Thanks

Mahmood

Jon Marshall
Hall of Fame

It depends on your setup.

If the switches are connected to each other via a trunk link and you have created L3 SVIs for each VLAN, i.e.

int vlan 20

ip address 192.168.5.1 255.255.255.0

int vlan 30

ip address 192.168.6.1 255.255.255.0

then yes, users on VLAN 20 can view files and folders on VLAN 30 and vice versa from a network level. Whether they have permissions at the OS level is another matter.

If you want to stop this happening, using the addressing above as an example:

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 permit ip any any

access-list 102 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 permit ip any any

int vlan 20

ip access-group 101 in

int vlan 30

ip access-group 102 in

Jon
