Unclear what you're asking, as normally, if we're talking about an "external" router, you need to, physically and/or logically, connect the router (somehow) to the VLANs (often via a trunk between a router and L2 switch). You just don't "connect" the VLANs you want to exclude. If your "router" is a L3 switch, you might have VLANs defined on the switch but without SVIs. As already noted by Balaji, you can selectively block, or block all, traffic to and/or from those VLANs using ACLs. In this cast, the VLANs are "connect" but traffic cannot move between them. Lastly, some devices support various forms of virtual L3. For those, something like VLANs 30 and 40 might be logically partitioned from all your other VLANs.

Sorry for making it a little bit unclear, I have the topology like below
[cid:adc88aea-b2e7-43dd-97a8-2fe994f31a69]

VLAN Table

VLAN

VLAN Name

10

Finance

20

Sales

30

HR

40

IT

99

Blackhole








so what I am looking for is, R2 should not have interfaces directly connected to Finance and Sales. How can we configure that?????

 

so what I am looking for is, R2 should not have interfaces directly connected to Finance and Sales. How can we configure that?????

 

there are couple of options .

1. you can make VRF to not to interact with each other (that is complicated for small kind of setup)

2. Terminate them different segment with FW in place (this is additional administration task to manage FW)

3. So the option i have given above is simple ACL which give you ability that both deparments  not communicated between Finance and sales at all.

in your case VLAN 10 and VLAN 20 - so change the ACL as per the requirement.