
Prevent routing between 2 logical networks without a VLAN

markgramlich
Level 1

Background: We have some older hubs in our network. As such, we cannot implement a VLAN yet. We have a 10/100 ethernet network across our campus for our production users. We have multiple buildings on the campus and one physical network. We are installing Cisco 1100 WAPs to provide our guests with wireless internet access. Our DHCP server is configured to hand out 192.168.1.x addresses to our guests. Our DHCP server has 192.168.0.x reservations for our production machines.

Questions:

1) Would this ACL prevent traffic from routing between the 192.168.0.x and 192.168.1.x networks?

access-list 105 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255

2) Does anyone have a better solution for preventing our guests from accessing our production machines? Once all the hubs are replaced with switches, we plan to implement a VLAN.

TIA,

Mark

2 Replies

froggy3132000
Level 3

That should do it; just add a permit of some sort after that.

simonstoll
Level 1

Are you sure you want to protect your guest WLAN from your production network, not the other way round? Your access-list states that the .0 network (production) is not allowed to access the .1 (WLAN) network. Then, I don't see the activation of any of your access-lists in your config. They are just defined without being activated on any of your interfaces. Plus, the allow at the end of the access-list is missing, because there is an implicit deny at the end of any access-list.
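
The points raised in the replies (match direction, first-match order, and the implicit deny) can be checked with a small evaluator. This is an added example, not code from any poster in the thread: it models only the match logic of `access-list ... ip` lines, and the `GUEST_BLOCKED` list and all host addresses are constructed assumptions. It does not model applying the list to an interface, which the last reply notes is still required.

```python
import ipaddress

# ACL exactly as posted in the question.
AS_POSTED = "access-list 105 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255"
# Constructed variant (assumption): guest sources denied to production, then an explicit permit.
GUEST_BLOCKED = """\
access-list 105 deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 105 permit ip any any"""

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: bits set to 1 are ignored, bits set to 0 must match."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def parse_acl(text):
    """Parse 'access-list N permit|deny ip <src> <dst>'; each side is 'any' or 'addr wildcard'."""
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        if (len(tok) < 6 or tok[0] != "access-list"
                or tok[2] not in ("permit", "deny") or tok[3] != "ip"):
            raise ValueError(f"unsupported ACL line: {line!r}")
        rest, sides = tok[4:], []
        while rest:
            if rest[0] == "any":
                sides.append(("0.0.0.0", "255.255.255.255"))
                rest = rest[1:]
            elif len(rest) >= 2:
                sides.append((rest[0], rest[1]))
                rest = rest[2:]
            else:
                raise ValueError(f"address without wildcard: {line!r}")
        if len(sides) != 2:
            raise ValueError(f"expected source and destination: {line!r}")
        entries.append((tok[2], sides[0], sides[1]))
    return entries

def evaluate(entries, src, dst):
    """First matching entry wins; a packet matching nothing hits the implicit deny."""
    for action, (sbase, swild), (dbase, dwild) in entries:
        if wildcard_match(src, sbase, swild) and wildcard_match(dst, dbase, dwild):
            return action
    return "implicit deny"

if __name__ == "__main__":
    prod, guest, outside = "192.168.0.10", "192.168.1.50", "203.0.113.7"  # constructed hosts
    for name, acl in (("as posted", AS_POSTED), ("guest blocked", GUEST_BLOCKED)):
        rules = parse_acl(acl)
        for s, d in ((prod, guest), (guest, prod), (guest, outside)):
            print(f"{name:14} {s:>13} -> {d:<13} {evaluate(rules, s, d)}")
```

With the list as posted, only production-to-guest traffic matches the explicit entry; everything else, including guest traffic to outside addresses, falls through to the implicit deny.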