Re: VLAN isolation to just Internet, no local accessibility
Assuming the vlan interface for the isolated vlan is on the 4006 you need to create an access-list that denies traffic from any other vlan in your network and then permits from any other ie. the Internet
So lets assume you have 3 other subnets on your 4006
The isolated subnet is
Also lets assume the isolated vlan interface is vlan 10
access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 101 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 101 permit ip any 192.168.8.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...