Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
432
Views
0
Helpful
3
Replies

Allow traffic from a VLAN to communicate with only the router

josephnunham
Level 1
Level 1

‎12-13-2010 07:08 PM - edited ‎03-04-2019 10:46 AM

Hello,

I'm sure this is a simple answer, but I can't seem to find one that sounds like a positive solution. I have two VLANs set up on a Catalyst 2950 switch: VLAN 1 (192.168.1.x) and VLAN 2 (192.168.2.x). VLAN 2 can ping the router on the 192.168.1.x network and nothing else, which is what I want. However, computers on the 192.168.1.x network can ping computers on VLAN 2, which is what I do not want. I want to make it where VLAN 1 and VLAN 2 cannot communicate with one another, but that VLAN 2 can still ping the router on VLAN 1. I've read about access control lists and ip tables, but which one is the definite solution?

Thank you for your guidance.

Labels:
0 Helpful
3 Replies 3

lgijssel
Level 9
Level 9

‎12-13-2010 10:32 PM

This must be achievable with access lists.

regards,

Leo

0 Helpful

josephnunham
Level 1
Level 1
In response to lgijssel

‎12-14-2010 08:03 AM

Hi Leo,

Could you tell me how they are possible in the 2950? I read some places that since it is a L2 device it does not support ACLs.

Thank you.

0 Helpful

kishorecisco
Level 1
Level 1

‎12-14-2010 08:18 AM

Hi,

It should be possible using an ACL and also try to use distribute list.

regards,

kishore

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card