We are having 6509 as coreswitch and 3550s as distributed switches and I wanted to restrict access to management vlan leaving few machines in the management vlan.
I could not understand properly vlan access lists that are explained in cisco docs. Can somebody post handful examples of vacls to block traffic to a particular vlan from other vlans(they should not be able to sniff the mngmnt traffic) and then leaving NMS and servers that are in management vlan(so that nms can collect stats).
Don't think you need vlan acl's . Just create the access list statements you need to block the traffic you want and you just apply that ACL to the layer 3 SVI (interface vlan XX) . If you have servers in that mgt. vlan that will make it a lot more difficult and you will have to get real specific on what address you want to let get to the vlan and servers which will make list somewhat more complex .
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...