Email Subscription Notifications Suspended Temporarily
We are in the process of making navigation in the Servers and Operating Systems forums simpler and more direct. While doing this, we have to temporarily suspend email notifications for subscriptions. If you are subscribed to one or more discussion boards or blogs in the community, please check them daily to see new content. Notifications will be turned back on in a few days. We apologize for any inconvenience this may cause. Thanks, Warren_Admin
Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

vlan filterin in 3500yl

maldiveboy
Occasional Contributor

vlan filterin in 3500yl

ip default-gateway 10.17.0.1
sntp server 10.17.1.2
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1-2,4,6-24
ip address 10.17.1.1 255.255.255.0
no untagged 3,5
exit
vlan 2
name "X"
untagged 5
ip address 10.17.2.1 255.255.255.0
exit
vlan 3
name "Y"
untagged 3
ip address 10.17.3.1 255.255.255.0
exit

client1, port 3
ip address 10.17.2.10
gateway 10.17.2.1


client2, port 5
ip address 10.17.3.10
gateway 10.17.3.1

client3, port 5
ip address 10.17.3.11
gateway 10.17.3.1

client 2 can talk to port 3
client 3 cannot talk to port 3
how can i do that?

im using procurve 3500yl
this switch supports ACL, and sourport filtering
1 REPLY
Matt Hobbs
Honored Contributor

Re: vlan filterin in 3500yl

There a few different ways to achieve this goal.. here's one of them:

ProCurve(config)# ip access-list extended 100
ProCurve(config-ext-nacl)# deny ip host 10.17.3.11 host 10.17.2.10
ProCurve(config-ext-nacl)# permit ip any any
ProCurve(config-ext-nacl)# exit
ProCurve(config)# vlan 3 ip access-group 100 in