Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
5
Replies

blocking traffic between vlans

erodrig
Level 1
Level 1

‎04-06-2004 03:05 PM - last edited on ‎03-25-2019 02:51 PM by Community Manager

Hi, i need to block traffic between vlans in one way, i mean hosts in vlan 12 should reach hosts in vlan 9, but vlan 9 should not reach hosts in vlan 12

what is the best way to do it?

thanks

Labels:
0 Helpful
5 Replies 5

tbaranski
Level 4
Level 4

‎04-06-2004 04:32 PM

You'll need to use ACLs that are capable of keeping state on traffic flows: either reflexive ACLs or CBAC. Not all devices support these types of ACLs,though.

0 Helpful

erodrig
Level 1
Level 1
In response to tbaranski

‎04-07-2004 03:44 PM

ups, my catalyst 4006 (ios version 12.1(19)EW) don´t support this ACLs any other idea?

regards

0 Helpful

milan.kulik
Level 10
Level 10

‎04-06-2004 11:06 PM

If you really need to be safe, what about to connect PIX to separate these networks?

It enables connection from "inside" to "outside" by default while blocking any "outside" to "inside" connections.

And you can tune with high granularity which traffic you allow and which not.

Regards,

Milan

0 Helpful

erodrig
Level 1
Level 1
In response to milan.kulik

‎04-07-2004 03:47 PM

Hi

i don´t have a pix, i need to do it with a catalyst 4006 (ios 12.1(19)EW), are the ACLs the only way?

regards

0 Helpful

tbaranski
Level 4
Level 4
In response to erodrig

‎04-07-2004 05:13 PM

Some type of filtering, whether via ACLs or a firewall, is the only method I can think of to accomplish what you want to do.

0 Helpful
Customers Also Viewed These Support Documents