Re: Stop certain VLANs from communicating with other VLANs

ksvijay957 · ‎05-29-2011

Hi all,
i am going to implement E8200ZL core switch and 2610,2810 edge switch with around 15 VLANs.i want to restrict some of the vlans should not communicate with each other, eg. Server Vlan should be accessible for all vlans. Admin vlan can communicate with around 8 vlans.so on i think this can be achieve by ACLs.

What is the preferred way to stop certain VLANs from communicating with other VLANs once IP routing is enable.

can someone give me ACLs configuration details with Example.

Early reply appreciated.

cenk sasmaztin · ‎05-29-2011

hi Dambar

basic ACL configuration for you
this ACL permit vlan4 to vlan 3
and all other vlan deny traffic from vlan 4

send me sh run print your switch I can send detailed ACL configuration

ip access-list standard "20"
10 permit 10.0.11.0 0.0.0.255
20 deny 0.0.0.0 255.255.255.255
exit
module 1 type J94ddA
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1,6-24
ip address dhcp-bootp
no untagged 2-5
exit
vlan 2
name "VLAN2"
untagged 2
ip address 10.0.10.200 255.255.255.0
exit
vlan 3
name "VLAN3"
untagged 3
ip address 10.0.11.200 255.255.255.0
exit
vlan 4
name "VLAN4"
untagged 4
ip address 10.0.12.200 255.255.255.0
ip access-group "20" out
exit
vlan 5
name "VLAN5"
untagged 5
ip address 10.0.13.200 255.255.255.0
exit

cenk

ksvijay957 · ‎05-29-2011

Thnx,
i am still in planning phase.

Re: Stop certain VLANs from communicating with other VLANs

Stop certain VLANs from communicating with other VLANs

Re: Stop certain VLANs from communicating with other VLANs

Re: Stop certain VLANs from communicating with other VLANs

Hewlett Packard Enterprise International