Cisco Support Community
Public SSID/VLAN config

I will have some outside vendors and support staff using wireless from inside my network. In order to try and set up a "secure" net for them to use that is segmented from the rest of my network, I created a new VLAN (PSPF enabled) and SSID for them. On the VLAN I have set up an ACL and applied it to the incoming traffic. Here it is:

    10 permit icmp any any
    20 permit udp any eq bootpc any
    30 deny tcp any 10.0.0.0 0.255.255.255
    40 deny udp any 10.0.0.0 0.255.255.255
    50 permit tcp any any eq www
    60 permit tcp any any eq 443
    70 permit udp any any eq domain
    80 deny ip any any log

I have tested it briefly and it appears to be doing what I want. Any recommendations on tweaks?

dave

2 REPLIES
Re: Public SSID/VLAN config

Hi dave,

Yes, your condition is correct. You can add the following condition instead of using

'20 permit udp any eq bootpc any'

new

'20 permit udp any any eq bootps'

Are you allowing any Telnet, SSH session? If so, then apply the condition for the same or block the same.

Regards

Saji k.s


Re: Public SSID/VLAN config

Hi dave,

Apply this command.

permit udp any any eq bootpc

Regards

saji k.s
