Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
450
Views
0
Helpful
1
Replies

VLAN Traffic restriction

Faisal Khan
Level 1
Level 1

‎11-06-2014 11:42 PM - edited ‎03-10-2019 12:19 AM

Hi,

Dear,

I want to block extra ports or traffic between Vlans, we have install 4500 series core cisco switches (root switches) and 3750 access switches.

Can any body help me how can i block extra ports like icmp and remote access. one more thing these ports can allow only from specific IP's from other Vlan.

2 Vlan are running in our network.

 

Regards,

Faisal

Labels:
0 Helpful
1 Reply 1

Tagir Temirgaliyev
Spotlight
Spotlight

‎11-07-2014 12:11 AM

you can do access-list ilke

ip access-list extended ters_in
 permit tcp 10.1.3.32 0.0.0.31 host 192.168.2.9 eq 2100
 ....
 deny   ip any any
ip access-list extended ters_out
 permit tcp host 192.168.2.9 eq 2100 10.1.3.32 0.0.0.31
.....
 deny   ip any any

interface Vlan43
 description ters
 ip address 10.1.3.33 255.255.255.224
 ip access-group ters_in in
 ip access-group ters_out out

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents