one way communication between vlans with 5500 el switch

woodstreet
Occasional Advisor

one way communication between vlans with 5500 el switch

We need only VLAN 12 to be able to communicate with VLAN 9, and all the services between VLAN 12 and VLAN 9 should be activated, but with no communication from VLAN 9 to VLAN 12.

Kindly suggest,

Thanks

3 REPLIES
Apachez-
Trusted Contributor

Re: one way communication between vlans with 5500 el switch

Either you trunk all your VLANs to a firewall which will filter properly between them, or you set up ACLs within your 5500 to do the same.
woodstreet
Occasional Advisor

Re: one way communication between vlans with 5500 el switch

Thanks for the reply,

I have applied an inbound ACL at VLAN 9 and no ACL at the VLAN 12 interface.

I want VLAN 12 to be able to communicate with VLAN 9 with all services enabled, like RDP, telnet, SSH, file sharing etc., but all of these should be blocked from VLAN 9 to VLAN 12.

If possible, kindly provide an ACL rule so I can compare it with mine.

Thanks a lot.

woodstreet
Occasional Advisor

Re: one way communication between vlans with 5500 el switch

I have applied the following ACL at the VLAN 9 interface, and no ACL at VLAN 12.

packet-filter 3009 inbound

rule 0 deny icmp source 192.168.12.0 0.0.0.255 destination 192.168.9.0 0.0.0.255

***VLAN 9 PC is able to ping VLAN 12 PC and vice versa

rule 0 deny icmp source 192.168.9.0 0.0.0.255 destination 192.168.12.0 0.0.0.255

***VLAN 9 PC shows "time out" if it tries to ping VLAN 12 PC, and vice versa.

Kindly suggest.

Thanks in advance
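
Added example, not part of the original thread and not Comware syntax: a small Python model of a stateless inbound filter on the VLAN 9 interface. It reproduces the two results reported above and shows that one-way access needs rules that match the ICMP type and the TCP SYN flag rather than the whole protocol. It assumes the filter sees only packets entering from VLAN 9 hosts and permits anything unmatched; the rule dictionaries, host addresses and function names are hypothetical.

```python
from ipaddress import ip_address, ip_network

V9, V12 = ip_network("192.168.9.0/24"), ip_network("192.168.12.0/24")
ECHO_REQUEST, ECHO_REPLY = 8, 0
PC9, PC12 = "192.168.9.10", "192.168.12.10"   # constructed sample hosts

def permitted(rules, pkt):
    """Stateless first-match filter, inbound on the VLAN 9 interface (assumed model)."""
    src, dst = ip_address(pkt["src"]), ip_address(pkt["dst"])
    if src not in V9:
        return True                      # packet never enters via VLAN 9
    for r in rules:
        if (src in r["src"] and dst in r["dst"] and r["proto"] == pkt["proto"]
                and r.get("icmp_type", pkt.get("icmp_type")) == pkt.get("icmp_type")
                and (not r.get("syn_only") or pkt.get("flags") == "S")):
            return r["action"] == "permit"
    return True                          # assumption: unmatched traffic is permitted

def ping(rules, a, b):
    """True if a's echo request and b's echo reply both get through."""
    req = {"src": a, "dst": b, "proto": "icmp", "icmp_type": ECHO_REQUEST}
    rep = {"src": b, "dst": a, "proto": "icmp", "icmp_type": ECHO_REPLY}
    return permitted(rules, req) and permitted(rules, rep)

def tcp_connect(rules, a, b):
    """True if a's SYN and b's SYN+ACK both get through (RDP, SSH, telnet, SMB)."""
    syn = {"src": a, "dst": b, "proto": "tcp", "flags": "S"}
    syn_ack = {"src": b, "dst": a, "proto": "tcp", "flags": "SA"}
    return permitted(rules, syn) and permitted(rules, syn_ack)

# The two attempts from the post, as rule lists
first_try = [{"action": "deny", "proto": "icmp", "src": V12, "dst": V9}]
second_try = [{"action": "deny", "proto": "icmp", "src": V9, "dst": V12}]
# Direction-aware variant: drop only what *initiates* a session from VLAN 9
one_way = [
    {"action": "deny", "proto": "icmp", "src": V9, "dst": V12, "icmp_type": ECHO_REQUEST},
    {"action": "deny", "proto": "tcp", "src": V9, "dst": V12, "syn_only": True},
]

if __name__ == "__main__":
    for name, rules in [("first", first_try), ("second", second_try), ("one_way", one_way)]:
        print(name, "ping 12->9:", ping(rules, PC12, PC9), "ping 9->12:", ping(rules, PC9, PC12),
              "tcp 12->9:", tcp_connect(rules, PC12, PC9), "tcp 9->12:", tcp_connect(rules, PC9, PC12))
```

UDP has no flag that marks the initiating packet, so a stateless filter cannot make it one-way; that case needs a stateful device such as the firewall suggested in the first reply.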