I'm looking for any example code of the following, I think I know how to handle this, but I'd like to see some kind of example to go by.
I currently have 3 sites. Each site has at least one 3560 switch and each site has a 2800 router. (One site has a 2821, one has a 2811, and one has a 2801). Each site is connected to the two others via point to point T1 (3 T1's Total). Everything is working between them. I also have 4 VLans connected that potentially can already see each other
I'd like to add another VLan
There is one TV Appliance at each of our buildings and a computer that sends out data to the Appliances. I have the VLan added on each switch and each switch has the port setup correct. I also have the 3 routers setup correct so that the Computer can see all 3 Appliances. What I'm looking for next is how to only allow the appliances to see each other, but Deny VLan 9 from Accessing any other VLan with the Exception of a single IP address on VLan 2 (The internet Gateway). I think this can be done via access-lists but I'm open to other suggestions or looking for an example so I don't accidentally deny all traffic on the router. Thank you!!!
Actually, the 28xx router does the inter-vlan routing. I have Call Manager and the 28xx routers contain the interface for the PRI (Phone) and I have Call Manager. If i had just one site, i think managing this on the Switch would be very easy, but this v-lan needs to span over the WAN.
I highly recommend moving your inter-vlan routing at the switch. Your network performance (local connectivity) will improve tremendously. Once you make the change, then deploy the desired ACLs.
I don't understand when you mentioned the Vlans need to expand over the WAN. You are routing between locations, not bridging. Your Vlans are being routed over the WAN so they don't expand, they are announce as routes. You can do the same with having the 3560 as the inter-vlan router. Configure a dynamic routing protocol between the 3560 and 28xx and you are set. Use RIPv2 or EIGRP since they are easier to implement.
If you have any more questions, don't hesitate to post back.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...