Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VLAN's with no routing

I am trying to configure multiple VLANs that will all have internet access, but for security purposes, I don't want any VLANs to talk to each other. How do I configure the router to do this. The router will be a 1710. Thanks

2 REPLIES
New Member

Re: VLAN's with no routing

D,

You'll need to use access lists

access-list 101 deny ip (subnet a) (i-mask) (each other subnet or range of addresses) (i-mask)

access-list 101 deny ip (each other subnet or range of address) (i-mask) (subnet a) (i-mask)

access-list 101 permit ip any any

EXAMPLE:

subnet A = 10.0.1.0, Subnet B = 10.0.2.0

Both class C networks, Subnet mask = 255.255.255.0, imask = 0.0.0.255

access-list 101 deny ip 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255

access-list 101 deny ip 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255

due this for each network you don't want to talk, end with

access-list permit ip any any

end

wr mem

int Fe0/0.1 (where each subnet exists...)

ip access-group 101 in

New Member

Re: VLAN's with no routing

Thanks for the info. I don't have the hardware yet so i can't try it.

108
Views
4
Helpful
2
Replies