Switches, Hubs, and Modems

Re: how to block traffic between servers in the same vlan

 
natef
New Member

how to block traffic between servers in the same vlan

I have a server VLAN and one particular server with IP address 10.99.66.30/23 which should not communicate with any other server in the same VLAN. This server should only communicate with an external server located outside my network and connected via MPLS. The external connectivity is working fine. However, I am not able to prevent communication within the same server VLAN.

Could I use policy-based routing for this particular IP address and set it to forward traffic directly to the gateway IP 10.99.66.1?

access list 1 permit 10.99.66.30 255.255.255.255

route-map test-route permit 1

      match ip address 1

      set next-hop 10.99.66.1

exit

vlan 10

ip policy route-map test-route

Will this work?

Can anyone help?

 

 

 

4 REPLIES
Vince-Whirlwind
Honored Contributor

Re: how to block traffic between servers in the same vlan

This is what host-based security is for. Security should be configured on the server.
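
One way to apply the host-based approach suggested above, as an added example that is not part of the original thread: an nftables ruleset for the 10.99.66.30 server, assuming it runs Linux with nftables. The address 192.0.2.10 is a placeholder for the external server, whose address the thread does not give.

```nftables
#!/usr/sbin/nft -f
# Added example, not from the thread. Assumes a Linux host using nftables.
# Default-drop in both directions: anything not listed is blocked, including
# SSH, DNS, NTP and all IPv6. Add explicit rules for management traffic
# before loading this on a remote machine.

define SERVER_VLAN   = 10.99.66.0/23   # subnet from the original post
define GATEWAY       = 10.99.66.1      # gateway from the original post
define EXTERNAL_PEER = 192.0.2.10      # placeholder: real peer address is not on the page

table inet vlan_isolation {
    chain input {
        type filter hook input priority 0; policy drop;

        iif "lo" accept
        # Replies to connections this server opened (only the peer is reachable).
        ct state established,related accept
        # New inbound sessions are accepted from the external peer only.
        ip saddr $EXTERNAL_PEER accept
        # Let the gateway ping this host for reachability checks.
        ip saddr $GATEWAY icmp type echo-request accept
        # Count and log attempts from other servers in the VLAN, then drop.
        ip saddr $SERVER_VLAN counter log prefix "vlan-peer-in-drop " drop
    }

    chain output {
        type filter hook output priority 0; policy drop;

        oif "lo" accept
        ct state established,related accept
        # The only destination this server may open connections to.
        ip daddr $EXTERNAL_PEER accept
        ip daddr $GATEWAY icmp type echo-request accept
        # Outbound attempts to neighbours in the same VLAN are logged and dropped.
        ip daddr $SERVER_VLAN counter log prefix "vlan-peer-out-drop " drop
    }
}
```

ARP is not filtered by an `inet` table, so the server can still resolve the gateway's MAC address. These rules only protect this one server; the switch still forwards frames between the other hosts in the VLAN.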

Dunky
Regular Advisor

Re: how to block traffic between servers in the same vlan

Sounds like it ought to be sat in a DMZ.

michaelavenatt
Occasional Visitor

Re: how to block traffic between servers in the same vlan

MAC ACLs only control non-IPv4 traffic.

If you need to control traffic between two hosts in the same VLAN you can still use a VACL, but you must use IP addresses and not MAC addresses to control the traffic.

I can share full details if you want, but now gotta go. See you all tomorrow. Bye

parnassus
Honored Contributor

Re: how to block traffic between servers in the same vlan

...or using VLAN isolation by deploying Private VLAN.

I'm not an HPE Employee