Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Guest traffic

Hi

I got Two question, if someone can share idea

(1) How to secure DATA Traffic from Guest VLAN traffic.

(2) How to route Guest VLAN traffic to a router facing Internet

Backbone switch currently got a route to firewall < ip route 0.0.0.0 0.0.0.0 firewall_ip >

how to manipulate guest vlan traffic to another hop than firewall

Data Vlan 10 ; 192.168.1.0 255.255.255.0

Guest vlan 20 ; 192.168.200.0 255.255.255.0

Uplink Backbone to firewall ; vlan id ; 11

backbone ; 10.1.1.1 255.255.255.248

firewall ; 10.1.1.2 255.255.255.248

uplink backbone to DSL_Router ; vlan id 12

backbone : 10.10.10.1 255.255.255.248

DSL_router ; 10.10.10.2 255.255.255.248

CHEERS

JOE

2 REPLIES
VIP Super Bronze

Guest traffic

Hi Joe,

If your device and your IOS support it and if vlan separation is not enough for you, you can put the guest clan in separate VRF.  The VRF would logically separate the routing table between your date network and your guest network. 

Have a look at this link:

http://packetlife.net/blog/2009/apr/30/intro-vrf-lite/

HTH

New Member

Guest traffic

Hi

ACL will be ok

but routing guest traffic to internet didnt work, looks like static entry not working, is route-map needed?

router ospf 1

network 192.168.1.0 0.0.0.255 area 0

network 10.1.1.0 0.0.0.7 area 0

redistribute static subnets

redistribute connected subnets

ip route 0.0.0.0 0.0.0.0 10.1.1.2  ( ASA )

ip route 192.168.100.0 255.255.255.0  192.168.1.200 ( VPN_server )

ip route 192.168.105.0 255.255.255.0 192.168.1.200 (VPN_Server )

ip route 192.168.200.0 255.255.255.0  10.10.10.2

anyone with similar setup working for guest traffic

201
Views
0
Helpful
2
Replies
CreatePlease to create content