Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VLAN access-list

Hi All Expert,

I need to restrict VLAN access to VLAN but able to access internet, how can I do this?

Please help.

Thank you.

Rgds,

Au Yeong Shaw Voel

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VLAN access-list

Hello,

The question would be, do you need to restrict the traffic inside the same vlan? or inter-vlan?

for intra-vlan (same vlan) traffic there're at least 2 solutions:

private vlans and VACL (vlan acls as your post title).

for inter-vlan you can use extended ACL to accomplish this task.

using something like:

access-list 100 permit tcp 10.10.10.0 0.0.0.255 any eq www

If you need more detailed configs, please give us more details on your set up.

"Securing Networks with Private VLANs and VLAN Access Control Lists"

http://www.cisco.com/warp/public/473/90.shtml

ACL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hsec_c/part15/schacls.htm#wp1000913

HTH,

if it does, please rate this post.

Vlad

1 REPLY

Re: VLAN access-list

Hello,

The question would be, do you need to restrict the traffic inside the same vlan? or inter-vlan?

for intra-vlan (same vlan) traffic there're at least 2 solutions:

private vlans and VACL (vlan acls as your post title).

for inter-vlan you can use extended ACL to accomplish this task.

using something like:

access-list 100 permit tcp 10.10.10.0 0.0.0.255 any eq www

If you need more detailed configs, please give us more details on your set up.

"Securing Networks with Private VLANs and VLAN Access Control Lists"

http://www.cisco.com/warp/public/473/90.shtml

ACL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hsec_c/part15/schacls.htm#wp1000913

HTH,

if it does, please rate this post.

Vlad

403
Views
0
Helpful
1
Replies