01-11-2010 01:04 PM
Hello all,
I am trying to block access from 1 VLAN to another without disabling InterVLAN routing.
In my access list entry I have the following:
Deny ALL protocols, Source interface LAN; Source Address Network 192.168.8.0/24 (VLAN I wish to block); Destination Address Network 192.168.1.0.
It looks like this should work; however, hosts from the 192.168.8.0 network can access the 192.168.1.0 network. If I disable InterVLAN routing, it blocks traffic between the VLANs as you would expect. In the future I plan to have another VLAN that I do wish to route between VLANs.
Any help would be appreciated,
Thanks!
Brian
01-13-2010 08:14 AM
The IP-based ACL of the RVS4000 is designed to restrict traffic between LAN and WAN (in both directions), but not inter-VLAN traffic. So the scenario is unfortunately not supported.
01-13-2010 08:26 AM
Thanks for your help. It is too bad that feature is not supported in this router. Is this something that is being considered for the future?
Have a great day!
Brian
01-13-2010 08:40 AM
To support the scenario you described, you might want to take a look at the SA500 series such as SA520.
For RVS4000, I will pass your request onto the product team for consideration.
I was told that RVL200, which also supports inter-VLAN routing and IP-address based Access Rules, can support the scenario you described.