Cisco Support Community

VLAN Traffic restriction

Hi,

Dear,

I want to block extra ports or traffic between VLANs. We have installed 4500 series core Cisco switches (root switches) and 3750 access switches.

Can anybody help me with how I can block extra ports like ICMP and remote access? One more thing: these ports can be allowed only from specific IPs from the other VLAN.

2 VLANs are running in our network.

 

Regards,

Faisal

1 REPLY

You can do an access-list like:

ip access-list extended ters_in
 permit tcp 10.1.3.32 0.0.0.31 host 192.168.2.9 eq 2100
 ....
 deny   ip any any
ip access-list extended ters_out
 permit tcp host 192.168.2.9 eq 2100 10.1.3.32 0.0.0.31
.....
 deny   ip any any

interface Vlan43
 description ters
 ip address 10.1.3.33 255.255.255.224
 ip access-group ters_in in
 ip access-group ters_out out
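
An ACL for the case the question describes (ICMP and remote access into a VLAN allowed only from specific hosts in the other VLAN), in the same named-ACL style as the reply. This is an added example, not part of the original thread; the ACL name, the admin host addresses 10.1.4.10 and 10.1.4.11, and the reading of "remote access" as SSH, Telnet and RDP are assumptions.

```cisco
! Added example. Constructed values: 10.1.4.10 and 10.1.4.11 are the
! permitted admin hosts in the other VLAN; "remote access" is assumed
! to mean SSH (22), Telnet (23) and RDP (3389).
! Assumes this is configured on the switch that routes between the VLANs.
ip access-list extended vlan43_out
 remark admin hosts may ping and open remote sessions into VLAN 43
 permit icmp host 10.1.4.10 10.1.3.32 0.0.0.31 echo
 permit icmp host 10.1.4.11 10.1.3.32 0.0.0.31 echo
 permit tcp host 10.1.4.10 10.1.3.32 0.0.0.31 eq 22
 permit tcp host 10.1.4.10 10.1.3.32 0.0.0.31 eq 23
 permit tcp host 10.1.4.10 10.1.3.32 0.0.0.31 eq 3389
 permit tcp host 10.1.4.11 10.1.3.32 0.0.0.31 eq 22
 permit tcp host 10.1.4.11 10.1.3.32 0.0.0.31 eq 23
 permit tcp host 10.1.4.11 10.1.3.32 0.0.0.31 eq 3389
 remark everyone else: no ping, no remote access
 ! Only echo requests are denied, so echo replies and unreachables
 ! coming back to VLAN 43 hosts are not dropped.
 deny   icmp any 10.1.3.32 0.0.0.31 echo
 deny   tcp any 10.1.3.32 0.0.0.31 eq 22
 deny   tcp any 10.1.3.32 0.0.0.31 eq 23
 deny   tcp any 10.1.3.32 0.0.0.31 eq 3389
 remark all other inter-VLAN traffic is still routed
 permit ip any any
!
interface Vlan43
 ! "out" on the SVI filters packets being routed toward hosts in VLAN 43
 ip access-group vlan43_out out
```

Unlike the reply's ACLs, this one ends in `permit ip any any`, so only the listed services are restricted. It filters routed traffic only; hosts inside VLAN 43 still reach each other directly at layer 2.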
