02-03-2011 03:34 AM - edited 03-04-2019 11:18 AM
Hi All,
In my network we have three 3 VLANS set up on my 3560G switch.
Can anyone tell me how I can allow pcs on VLANS 1 and 3 access to VLAN 2 but should not to others
And VLAN 1 should not to get to VLAN 3 or VLAN 3 should not get to VLAN 1.
Jopeti.
Solved! Go to Solution.
02-03-2011 03:44 AM
Jopeti
This is not much clear but of course you can try like below... I am just assuming Vlan address, you can take your real address...
vlan 1 = 10.10.10.0/24
vlan 3 = 10.10.12.0/24
access-list stop_vlan1 extended
deny ip 10.10.10.0 0.0.0.255 10.10.12.0 0.0.0.255
permit ip any any
access-list stop_3 extended
deny ip 10.10.12.0 0.0.0.255 10.10.10.0 0.0.0.255
permit ip any any
Interface vlan 1
ip access-group stop_3 in
Interface vlan 3
ip access-group stop_vlan1 in
Please rate the helped posts...
Regards,
Naidu.
02-03-2011 04:20 AM
No problem...
Is there any switch ports configured under this vlan or not?
Because untill you associate any ports to that vlan it wont come up...
Please rate all the helped posts...
Regards,
Naidu.
02-03-2011 04:44 AM
Jopeti,
Log into your switch and go to any interface which you want to access respectively
Give commands like below
Switch# int gi4/39
switch port access vlan 2
switch port mode access
Then see the status, it should up up now...
Please rate all the helped posts...
Regards,
Naidu.
02-03-2011 03:44 AM
Jopeti
This is not much clear but of course you can try like below... I am just assuming Vlan address, you can take your real address...
vlan 1 = 10.10.10.0/24
vlan 3 = 10.10.12.0/24
access-list stop_vlan1 extended
deny ip 10.10.10.0 0.0.0.255 10.10.12.0 0.0.0.255
permit ip any any
access-list stop_3 extended
deny ip 10.10.12.0 0.0.0.255 10.10.10.0 0.0.0.255
permit ip any any
Interface vlan 1
ip access-group stop_3 in
Interface vlan 3
ip access-group stop_vlan1 in
Please rate the helped posts...
Regards,
Naidu.
02-03-2011 03:49 AM
I am sorry for that not clear But your suggestion seems OK.
But when i give the following command #sh ip int brief
I found that Vlan 2 is down down...What could be the problem
Jopeti
02-03-2011 04:20 AM
No problem...
Is there any switch ports configured under this vlan or not?
Because untill you associate any ports to that vlan it wont come up...
Please rate all the helped posts...
Regards,
Naidu.
02-03-2011 04:32 AM
OK, what should i do to associate the ports...
Jopeti.
02-03-2011 04:44 AM
Jopeti,
Log into your switch and go to any interface which you want to access respectively
Give commands like below
Switch# int gi4/39
switch port access vlan 2
switch port mode access
Then see the status, it should up up now...
Please rate all the helped posts...
Regards,
Naidu.
02-03-2011 04:56 AM
Thansk....It is cleare and working now
Jopeti.
02-03-2011 04:45 AM
Hi,
To associate VLAN2 to port f0/3:
interface f0/3
switchport mode access
switchport access vlan 2
Regards.
Alain.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide