Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RVS4000 IP Access Lists

Hello all,

I am trying to block access from 1 VLAN to another without disabling InterVLAN routing.

In my access list entry I have the following:

Deny ALL protocols, Source interface LAN; Source Address Network 192.168.8.0/24 (VLAN I wish to block); Destination Address Network 192.168.1.0.

It looks like this should work however hosts from the 192.168.8.0 network can access the 192.168.1.0 network. If I disable InterVLAN routing it blocks traffic between the VLANs as you would expect. In the future I plan to have another VLAN that I do wish to route between VLANs.

Any help would be appreciated,

Thanks!

Brian

1 ACCEPTED SOLUTION

Accepted Solutions

Re: RVS4000 IP Access Lists

The IP based ACL of RVS4000 is designed to restrict the traffic between LAN and WAN (bi-direction), but not the inter-VLAN traffic. So the scenario is not supported unfortunately.

3 REPLIES

Re: RVS4000 IP Access Lists

The IP based ACL of RVS4000 is designed to restrict the traffic between LAN and WAN (bi-direction), but not the inter-VLAN traffic. So the scenario is not supported unfortunately.

New Member

Re: RVS4000 IP Access Lists

Thanks for your help. It is too bad that feature is not supported in this router. Is this something that is being considered for the future?

Have a great day!

Brian

Re: RVS4000 IP Access Lists

To support the scenario you described, you might want to take a look at the SA500 series such as SA520.

For RVS4000, I will pass your request onto the product team for consideration.

I was told that RVL200, which also supports inter-VLAN routing and IP-address based Access Rules, can support the scenario you described.

1435
Views
0
Helpful
3
Replies
CreatePlease login to create content