Re: VLAN - internet - routing

rzt.roet53 · ‎04-10-2022

I have 3 vlan and i want those vlan to get access to internet but those vlan must not have access to other network and vlan and even a switch

thank you

sharad9988 · ‎04-10-2022

Hi, You must create access list to deny particular network and switch .

rzt.roet53 · ‎04-11-2022

Thank you for your reply.

Let me try to elaborate it clearly,

Switch 1
Default VLAN 1

port 1(for a router), 2 (HyperV Host) and 3

VLAN 2 Guest VLAN
port 5

VLAN 3 STAFF

Port 6

VLAN 2, Guest cannot access other VLANs but can access to DHCP server, DNS, and internet access.

So, can you please help me with the complete ACL syntax?

Thankyou

Marvin Rhoads · ‎04-11-2022

What equipment do you have available to work with? The answer to that determines the answer to your question.

rzt.roet53 · ‎04-11-2022

Thank you for your reply.

Let me try to elaborate it clearly,

Switch 1
Default VLAN 1

port 1(for a router), 2 (HyperV Host) and 3

VLAN 2 Guest VLAN
port 5

VLAN 3 STAFF

Port 6

VLAN 2, Guest cannot access other VLANs but can access to DHCP server, DNS, and internet access.

So, can you please help me with the complete ACL syntax?

Thanks

MHM Cisco World · ‎04-11-2022

If this is L3 SW

you need access-list in VLAN with OUT direction
deny subnet of this vlan subnet of restricted vlan
...
permit any any

rzt.roet53 · ‎04-11-2022

Thank you for your reply.

Let me try to elaborate it clearly,

Switch 1
Default VLAN 1

port 1(for a router), 2 (HyperV Host) and 3

VLAN 2 Guest VLAN
port 5

VLAN 3 STAFF

Port 6

VLAN 2, Guest cannot access other VLANs but can access to DHCP server, DNS, and internet access.

So, can you please help me with the complete ACL syntax?

Thank you