Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Vlans Issues

Dear all,

I have a problem in my LAN. I have added

two vlans : one for DATA and the second for voice (/24). For the data vlan, i have pcs and printers, but i want add a special config for some users who work with a new application (installed in ServerAPP) and automates A1, A2, A3, A4. I want that just these users communicate with the ServerAPP and just this server communicate with automates (A1,..) ?

Please how to do this configuration ?

Best regards,

5 REPLIES
New Member

Re: Vlans Issues

I would create another VLAN, put these users in that, and use ACL's to regulate desired/unwanted traffic between the VLAN's.

New Member

Re: Vlans Issues

Hello,

Yes, of course. This is a solution, but our standard is to add two vlan (data/voice) for each site. I can't add a 3 vlan.

Please i have the list of ip adress of these users, ip @ of the ServerAPP, and the ip @ of the automates (all in the same vlan 192.168.1.0/24). I can add access-list but it's not possible to apply ACL out under fastethernet0/1 .. in the switch !!!

Thanks,

Re: Vlans Issues

if this is the condition then explain us how you have configure intervlan routing... you are using router for intervlan routing or using switch(L-3 Switch) for intervlan routing...

if you are using L3 switch then think for vlanaccesslist...

rate all the helpfull post

regards

Devang

Blue

Re: Vlans Issues

you'll have to apply the access list to a routed interface. or you need to create VACLs to apply to VLANs.

what type of switch(s) are you using?

Re: Vlans Issues

hi...

you can create one more vlan and you can put that A1 this design will be good if you have intervlan routing using the router, then you can create one extra vlan and you can deny the other subnet or vlan user to access the server but the user A1, A2... and server can communicat with the all other

... and server in same vlan or you can use the vlan accesslist to overcome it...

i prefer to use the VLAN access-list to prevent the other user to access server...

please rate this post if it helps

regards

Devang

108
Views
0
Helpful
5
Replies
CreatePlease to create content