Cisco Support Community
New Member

Access-List Implementation on Catalyst 4006

Hi,

I have a Catalyst 4006 switch with Supervisor 2 and a Layer 3 module (WS-X4232-L3).

What is the best way of configuring the access list to restrict the traffic between different VLANs? The different VLANs are on different subnets.

example:

vlan 1 : 10.1.2.X/24

vlan 2 : 10.1.3.X/24

vlan 3 : 10.1.4.X/24

How do I restrict traffic from the 10.1.2.X network talking to the 10.1.4.X network?

regards,

n.s.ravishankar

3 REPLIES
Cisco Employee

Re: Access-List Implementation on Catalyst 4006

If you are using port channels on the RSM, data plane ACLs are not supported. Here is an example:

http://www.cisco.com/warp/public/473/28.html#ACL

New Member

Re: Access-List Implementation on Catalyst 4006

Hi,

If I have multiple VLANs, need to restrict the access between different VLANs, and I do not configure port channels:

How will I implement the inter-VLAN routing, and how do I restrict the traffic as per my requirements? What is the best way of implementation?

regards,

n.s.ravishankar

Bronze

Re: Access-List Implementation on Catalyst 4006

If you are not using the port channel, then you can apply the access list on the main interface (G3 and G4). If you want to do trunking on those VLAN interfaces, then here is the example:

int gig3.1
 encap dot1q 1 native
 ip address 10.1.1.1 255.255.255.0
 ip access-gr

And so on. Please make sure that if you are trunking the first 10 VLANs on gig 3, which is port 2/1 on the switch side (assuming L3 is in slot 2), then only those VLANs are allowed; clear the rest of the VLANs using the command clear trunk 2/1 X
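
An added example, not part of any reply in this thread: before binding a list with `ip access-group`, it helps to check what the list does to traffic between the subnets from the question. The sketch below parses IOS extended ACL lines of the `ip` form and applies first-match evaluation with the implicit deny; the list number 101 and the sample hosts are assumptions.

```python
import ipaddress

# Constructed ACL for the thread's subnets; list number 101 is an assumption.
ACL_TEXT = """\
access-list 101 deny ip 10.1.2.0 0.0.0.255 10.1.4.0 0.0.0.255
access-list 101 permit ip any any
"""

def _take_addr(tokens):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD'; return (addr, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse_acl(text):
    """Parse 'access-list N {permit|deny} ip SRC DST' lines into ordered entries."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
            continue  # only the IP-protocol form is handled here
        action, rest = tokens[2], tokens[4:]
        src = _take_addr(rest)
        dst = _take_addr(rest)
        entries.append((action, src, dst))
    return entries

def _match(ip, spec):
    addr, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 1 mean "don't care"
    return (ip & care) == (addr & care)

def evaluate(entries, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(dst))
    for action, src_spec, dst_spec in entries:
        if _match(s, src_spec) and _match(d, dst_spec):
            return action
    return "deny"  # implicit 'deny ip any any' at the end of every ACL

if __name__ == "__main__":
    acl = parse_acl(ACL_TEXT)
    for src, dst in [("10.1.2.10", "10.1.4.20"), ("10.1.2.10", "10.1.3.5"),
                     ("10.1.4.20", "10.1.2.10")]:
        print(src, "->", dst, evaluate(acl, src, dst))
```

The third sample is permitted because the list names 10.1.2.0/24 only as a source; traffic originating in 10.1.4.0/24 needs its own entry if that direction must also be blocked. Removing the `permit ip any any` line makes every other flow fall through to the implicit deny.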
