Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Vlan question

I have a question about Vlans. I have a client of ours that is a catering hall/business/hotel. They have 4 rooms that will be setup with Internet access. My question is, can I setup up a vlan, so the rooms can not access anything but the internet? They will running out the same t1 line as the business, and we want to protect there server from anyone inside the rooms. Can I setup the rooms on there own vlan and only allow them access to the t1? I am pretty sure that it can be done reading all the docs, but I just want to be sure.

New Member

Re: Vlan question

You will have to set up an ACL on the router or RSM that is connecting the VLAN's to the internet to block that traffic to the main network. The router or RSM will route traffic between the VLAN's without filtering by default. You can create an ACL like:

access-list 100 deny ip x.x.x.x any

access-list 100 permit ip any any

x.x.x.x would be one of the VLAN subnets. This ACL will block traffic from that subnet and allow all other ip traffic. You would want another ACL or a firewall for your internet connection.

CreatePlease login to create content