Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
531
Views
0
Helpful
1
Replies

VLAN CONFIGURATION AND ACL

EtjonMerqina80916
Level 1
Level 1

‎04-06-2021 09:49 AM

Hi!

I am new in networking and I am trying to setup this networking.
I have supposed that I have these devices possible:

layer 2 switch, 24 port FE and 2 ports GE
router, 2 ports FE, 1 wan port(it doesnt metter, fiber or any)


In the router I have these ip:

WAN Port- Se 1/0 ip 200.1.1.2/24
FE Port- 192.168.1.1/24 (connected to the switch in center)


In the switch:
I have created 4 vlans:
Vlan10 10.10.10.1/24
Vlan20 10.10.20.1/24
Vlan30 10.10.30.1/24
Vlan40 10.10.40.1/24
DHCP enabled for all Vlans

GIG 0/1 configured as trunk port and connected to the router.
Fe 0/1-6 Part of Vlan10
Fe 0/7-12 Vlan20
Fe 0/13-18 Vlan30
Fe 0/19-24 Vlan40


Other switches are part of their own vlan giving IP
from the main switch.


What I want to do is to let vlan 10 to communicate with other
vlan20, 30 and 40 inbound and outbound.
From the other side I don't want to let vlans 20,30 and 40
to communicate with each other.

Also I want to be sure that all end devices to have
internet access!

Is it possible to this with a layer2 switch and a router? If yes, how?

I will appreciate it if someone gives me a clear guide and explaination how to this
kind of configuration!

Thank you in advance!

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎04-06-2021 11:33 AM

try basic config and improve better once you understand the concept

 

 

access-list 10 permit ip 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255
access-list 10 permit ip 10.10.10.0 0.0.0.255 10.10.30.0 0.0.0.255
access-list 10 permit ip 10.10.10.0 0.0.0.255 10.10.40.0 0.0.0.255
!
access-list 20 permit ip 10.10.20.0 0.0.0.255 10.10.10.0 0.0.0.255
!
access-list 30 permit ip 10.10.30.0 0.0.0.255 10.10.10.0 0.0.0.255
!
access-list 40 permit ip 10.10.40.0 0.0.0.255 10.10.10.0 0.0.0.255
!
Int Vlan 10
ip access-group 10 out
Int Vlan 20
ip access-group 20 out
Int Vlan 30
ip access-group 30 out
Int Vlan 40
ip access-group 40 out

 

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vacl.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents