cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4065
Views
10
Helpful
17
Replies

limiting vlan access

richard
Level 1
Level 1

Hello.  I have three VLANS set up on my Catalyst 3560G switch.  Each VLAN has its own subnet and I have enabled IP routing and set up my VLANS so that clients on VLANS 1 and 3 can get to VLAN 2 because they share a server located on VLAN 2.  However, now they can also see and get to each others VLANS!  Can anyone please suggest or provide a couple of examples on how I can allow my clients on VLANS 1 and 3 access a server on VLAN 2 but not access the other VLANS?  I don't want VLAN 1 to get to VLAN 3 or VLAN 3 to get to VLAN 1.  Thanks for any help.

17 Replies 17

FW with address 192.168.8.250 must know how to reach the  192.168.9.0/24 segment.

The hosts on 192.168.8.0/24 segment can reach the server because their default gateway is pointing to the switch.

I'm sure the FW's default gateway is pointing to another gateway, if it is - you need to add a static route for 192.168.9.0/24 segment pointing to 192.168.8.200 as the gateway for that subnet.

Additionally, since you mentioned FW - make sure there aren't any filtering applied on it.

So like this?

ip route 192.168.9.0 255.255.255.0 192.168.8.200

That's the idea but the syntax may be different in your FW.