Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Limiting Client access on switches

Hi

I have a server, and two clients. I need the server to be able to see both clients and both clients to see the server, but I dont want the clients to be able to see each other. It would be nice if I could put some restrictions on the switchports to do this as I dont want to do inter-vlan routing. I can plug these in to 3550, 2950 or 2900xl/3500xl switches. Can anyone help. I thought there may be some good options on the 3550's perhaps.

Regards

5 REPLIES

Re: Limiting Client access on switches

Look into private vlans.

http://www.cisco.com/warp/public/473/90.shtml (what they are)

http://www.cisco.com/warp/public/473/63.html (what models support it).

Hope it helps.

Steve

New Member

Re: Limiting Client access on switches

Cheers Steve .... I will look into this

New Member

Re: Limiting Client access on switches

Hi

I have a read of these ..... does the protected port feature acheive the same as pvlan's ..... to me it seems to but was just wondering if there were any differences.

Just one other thing, it is recommended as a security feature to block unknown multicast and unicast on switchports, is this essential and what does "unknown" mean. (Sorry - not too good on security)

Regards

Re: Limiting Client access on switches

Protected ports are also referred to as private VLAN ports. They are one and the same (different platforms, same result).

They mean unknown in that some ports have static mac addresses assigned to them. As such, they have no unknown destinations, and flooding to those ports would serve no function. See link: http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35wc/sc/swgports.htm#xtocid81658

Steve

New Member

Re: Limiting Client access on switches

Hi Steve

Cheers for that. Thats great

Regards

72
Views
4
Helpful
5
Replies
CreatePlease to create content