cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
136
Views
0
Helpful
2
Replies
Highlighted
Beginner

Port Forwarding without inter vlan routing.

Hi all.

I have Cisco RV260W with 3 vlans configured:

Vlan 1 : 192.168.10.0 (used for team)

Vlan 2: 192.168.20.0 (used for public wifi (investor comming visiting us etc..., no need to acces internal network) )

Vlan 3: 192.168.30.0 (used for external partners with specific machines inside)

 

I have disabled inter vlan routing because I want vlan isolation.

 

I have a VPN server on VLAN1 with port forwarding on it.

 

Since I disabled inter-vlan-routing on Vlan1...impossible to acces to OpenVPN for all clients.

If I enable it it's ok but vlan1,2 and 3 can communicate and I don't whant that...

 

Do you have some idea ?

Is it something about routing ?

 

Thanks a lot :)

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

Re: Port Forwarding without inter vlan routing.

Hello


@emaid wrote:

Since I disabled inter-vlan-routing on Vlan1...impossible to acces to OpenVPN for all clients.

If I enable it it's ok but vlan1,2 and 3 can communicate and I don't whant that...

 

Do you have some idea ?

Is it something about routing ?

 


You can append a routered access-list to the L3 interfaces to negate access between the vlans or you could put each vlan in an spearate vrf, However having ever worked on that particaulr rtr I would say the former option would be the most viable option if indeed it is applicable.

See attached file:



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

2 REPLIES 2
Highlighted
VIP Mentor

Re: Port Forwarding without inter vlan routing.

Hello


@emaid wrote:

Since I disabled inter-vlan-routing on Vlan1...impossible to acces to OpenVPN for all clients.

If I enable it it's ok but vlan1,2 and 3 can communicate and I don't whant that...

 

Do you have some idea ?

Is it something about routing ?

 


You can append a routered access-list to the L3 interfaces to negate access between the vlans or you could put each vlan in an spearate vrf, However having ever worked on that particaulr rtr I would say the former option would be the most viable option if indeed it is applicable.

See attached file:



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

Highlighted
Beginner

Re: Port Forwarding without inter vlan routing.

Thanks a lot ! working perfect with acces list !