Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2446
Views
0
Helpful
3
Replies

RVS4000 - Inter Vlan routing and ACLs

andreas.blum
Level 1
Level 1

‎11-08-2010 04:01 AM

Do I miss something or is it not possible to filter routing between Vlans on this device?

After a day long trying, I'm facing the possibility that ACLs apply only between WAN and LAN, but not different Vlans.

So there is either inter Vlan routing enabled or disabled and that's it?

Andi

Labels:
0 Helpful
3 Replies 3

David Carr
Level 6
Level 6

‎11-11-2010 05:28 AM

You should be able to setup acl's for your lan on the rvs4000.  Make sure the source interface is on the lan and create your rule. 

0 Helpful

andreas.blum
Level 1
Level 1
In response to David Carr

‎11-11-2010 03:58 PM

Thanks for your reply davicarr!

I however still having issues getting filtering set up between different Vlans/subnets.

Lately I did a reset to factory defaults and started from scratch for testing.

No chnages under "advanced routing": the router is configured as "gateway" and "inter vlan routing" enabled.

Also I left Vlan 1 as is (192.168.1.0/24 - gateway 192.168.1.1).

I added Vlan 2 and configured subnet 192.168.15.0/24 with 192.168.15.1 being the gateway IP and DHCP disabled.

Only switch port 2 was configured for vlan2 untagged (ports 1, 3 and 4 unchanged in vlan1 untagged).

Port 1 is connected to one machine, port 2 to another which I gave a static IP assignment of 192.168.15.2/24.

At that point, pings go through between vlan1 and vlan2.

Defining and enabling two "deny", "all"-services ACLs on LAN (one source net 192.168.1.0/24 destination 192.168.15.0/24 and the other source 192.168.15.0/24 destination 192.168.1.0/24), pings still get replied from 192.168.1.100 to 192.168.15.2 and vice versa.

If I disable inter vlan routing, routing between the subnets is interrupted no matter if an ACL is configured or not (as one would expect).

I have a version 1 device running firmware 1.3.2.0

Thanks

Andi

0 Helpful

David Carr
Level 6
Level 6
In response to andreas.blum

‎11-17-2010 08:34 AM

Yeah, andi that is very strange.  I have tested this in the past with acls and it work fine.  You could try reflashing your firmware and reloading your configs and see if the acls work then.  If not give the SBSC a call at 866-606-1866 and see if they can work with you on this.

0 Helpful
Customers Also Viewed These Support Documents