VLAN configuration

I have the following scenario.

We currently have an open network, and because of that data travels across the whole LAN. Now we want to change the scenario: we will need to manage the whole network and want data to travel from the PCs to my main servers.

We don't have a domain concept; we use a group concept. We have one DHCP server with all the MAC addresses of the PCs, and each PC gets its fixed IP through DHCP.

Now my basic requirement is to create port-wise private VLANs; the example/scenario for this is as follows.

E.g. :

The uplink port may be port 01 or may be the GBIC port.

Ports 02-03 are group ports, ports 04-06 are group ports, port 07 is alone, and so on.....

Now port 01 or the GBIC port, whichever I have selected as my uplink, should talk to each and every port of the switch.

Ports 02-03 must talk to each other as they are group ports, plus the uplink port; otherwise these ports must not communicate with any other ports.

Now if we talk about ports 04-06, then they must talk to each other as they are group ports, plus the uplink port. Now an additional setting for this group is that I may allow port 04 to talk with port 02. So it's one-way communication for port 02 and port 04: port 02 will not talk to port 04, but port 04 will talk to port 02.

Port 07 will talk only to the uplink, not to any other port of the switch.

The switch must be accessible from any of my LAN PCs.

This is the scenario we need to create; otherwise the regular/standard features which come with the switches are acceptable.

Is this possible? If yes, then which switch will support this, and how do I configure it?

I understand that one needs ACLs that support the "established" command.

Please help.
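For the symmetric part of this requirement (two groups of ports, one isolated port, one uplink that reaches everything, and a management address reachable from every PC), the standard switch feature is a private VLAN: one primary VLAN, one community VLAN per group, and one isolated VLAN. The configuration below is an added example, not from the original thread; it assumes a Cisco Catalyst switch running IOS with private VLAN support and a layer-3 SVI, and the VLAN numbers (100-103), interface names (Gi0/1 to Gi0/7) and the management address 192.0.2.10/24 are placeholders. The one-way exception (port 04 may talk to port 02 but not the reverse) cannot be expressed with private VLAN membership, because each host port belongs to exactly one secondary VLAN and two communities never exchange frames, so it is left out here.

```cisco
! Private VLANs require VTP transparent mode (or VTP version 3) on IOS
vtp mode transparent
!
! Secondary VLANs: one community per port group, one isolated VLAN
vlan 101
 name GROUP-A
 private-vlan community
!
vlan 102
 name GROUP-B
 private-vlan community
!
vlan 103
 name ISOLATED
 private-vlan isolated
!
! Primary VLAN that the uplink and the management interface live in
vlan 100
 name PRIMARY
 private-vlan primary
 private-vlan association 101,102,103
!
! Port 01: uplink, promiscuous, forwards to and from every secondary VLAN
! (DHCP requests from the host ports reach the DHCP server through here)
interface GigabitEthernet0/1
 description UPLINK
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 101,102,103
!
! Ports 02-03: group A, talk to each other and to the uplink only
interface range GigabitEthernet0/2 - 3
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
!
! Ports 04-06: group B, talk to each other and to the uplink only
interface range GigabitEthernet0/4 - 6
 switchport mode private-vlan host
 switchport private-vlan host-association 100 102
!
! Port 07: isolated, reaches the uplink only
interface GigabitEthernet0/7
 switchport mode private-vlan host
 switchport private-vlan host-association 100 103
!
! Management address on the primary VLAN (placeholder IP); the mapping lets the
! SVI answer hosts in every secondary VLAN, so the switch is reachable from any PC
interface Vlan100
 ip address 192.0.2.10 255.255.255.0
 private-vlan mapping 101,102,103
 no shutdown
```

After applying it, `show vlan private-vlan` lists the primary/secondary associations and `show interfaces switchport` shows each port's operational private VLAN mode; a quick check is that a PC on port 07 can reach the uplink and the management address but not a PC on port 02. The SVI mapping line needs a model that supports layer-3 interfaces on the primary VLAN; on a pure layer-2 switch, only the port-level configuration applies.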

You don't say how many switches you have or what model they are.