Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VACL for guest http access

6513 core switch with MSFC 15 and 16 configured with Inter-vlan routing and static routes to internet.

I want to setup a wireless guest network on school wide network and limit only web access in and out to port 80. I want to create a guest vlan with a VACL to segment.

Is this a good solution and what is the best VACL config?

4 REPLIES
New Member

Re: VACL for guest http access

Hi, YEs with the help of vlans u can restric the traffic via source IP, dest IP, Src port & dest port. I wud suggest to create a separate vlan for wireless & on that vlan apply VACL which allow only http traffic.

Hope it will give u some idea.

Thanks

Ninja

New Member

Re: VACL for guest http access

Thanks jain,

I have the VLAN created with a small subnet. Routing is working to the internet. I'm not sure on the VACL. Do I apply them at the MSFC or the sup?

I've read on VACL's and It's a bit sketchy, I've seen code for both.

Not sure where to apply.

New Member

Re: VACL for guest http access

I posed this same question to a Cisco tech and was told to apply the vacl to the sup, not the MSFC.

New Member

Re: VACL for guest http access

Hi,

That was correct...thanks for your help. It works like a charm. Need to do this more often.

218
Views
0
Helpful
4
Replies
CreatePlease login to create content