HPE Community
Switches, Hubs, and Modems
1753852 Members
8571 Online
108807 Solutions
New Discussion

Re: Access to Internet from VLANs on 3500

 
SOLVED
Go to solution
OLARU Dan
Trusted Contributor

‎07-05-2007 05:55 PM

‎07-05-2007 05:55 PM

Re: Access to Internet from VLANs on 3500

Don't forget to restrict access on Router#2 from that external LAN to your Intranet subnets.

Most problems stem in Layer 3 (routing: incorrect [default] routes, unclear DGW's for the clients, wrongly applied routing protocols) and in the security wrapper (-since one can define security at each of the 7 layers of the OSI reference model- ACLs wrongly defined and applied to interfaces - inbound/outbound judgement errors and the like, put extended ACLs closest to the destination and standard ACLs closest to the source).

Glad we could help.
0 Kudos
OLARU Dan
Trusted Contributor

‎07-05-2007 05:55 PM

‎07-05-2007 05:55 PM

Re: Access to Internet from VLANs on 3500

Don't forget to restrict access on Router#2 from that external LAN to your Intranet subnets.

Most problems stem in Layer 3 (routing: incorrect [default] routes, unclear DGW's for the clients, wrongly applied routing protocols) and in the security wrapper (-since one can define security at each of the 7 layers of the OSI reference model- ACLs wrongly defined and applied to interfaces - inbound/outbound judgement errors and the like, put extended ACLs closest to the destination and standard ACLs closest to the source - to reduce unneeded traffic that will be discarded at some point anyway).

Glad we could help.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.