cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

1247
Views
5
Helpful
5
Replies
doug_counsil
Beginner

SA540 Inter-VLAN ACL Support Options

We have several VLANs, basically a different VLAN for each department (i.e. Developers, Payroll, Accounting, etc.) with Inter VLAN Routing turned off.  We have several printers with static IPs that are currently part of a near by VLAN.  We would like to group/share most of our printers across all/most of our current VLANs though.  How can this be achieved?  We don't want to turn Inter VLAN Routing on

If we had to, it may be possible to move all the printers we want to share across the existing VLANs to a new VLAN (and turn Inter VLAN routing on for that VLAN).  Would that allow all the existing VLANs access to the new *printer* VLAN?  Would all the existing VLANs still be separate and secure from one another?

We were hoping for Inter VLAN Firewall ACL support in the latest firmware as we were told is was on the roadmap for the SA500 Series routers.  However, we are currently beta testing the 2.2.0.3_1 firmware and Inter VLAN Firewall ACLs are still not possible to create.  Is there anyway to get that into the next firmware release (2.2.0.x) that is coming out soon?

1 ACCEPTED SOLUTION

Accepted Solutions
jonatrod
Rising star

Good morning.

Hi Curtis Counsil my name is Johnnatan and I am part of the Small business Support community, unfortunately it  is not possible to create ACL´s in your device, the solution is to enable inter vlan or placing a printer for each vlan's with the inconvenience that  it could not communicate with each other, however that's what you do not want. I recommended to you get or buy a Cisco layer 3 device that supports ACL. Such a router or a Switch L3, you can contact our presales team and explain your newortk issue and they will help you with your case

http://www.cisco.com/web/siteassets/contacts/international.html?reloaded=true

Thank you and have a nice day!!!

I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered.

Best regards.

Johnn.

Cisco network support engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

View solution in original post

5 REPLIES 5
doug_counsil
Beginner

I forgot to mention that we have some file servers that we want to share across VLANs.

jurodri3
Beginner

Hello Mr. Counsil,

Thank you for your question.

However, you have posted it on the wrong forum, please post it on small business Security forum, in order to get a better response. You can move your post using the Actions panel on the right.

Best regards,

Diego Rodriguez

Cisco Small Business Community Engineer Best regards,

Hi Curtis,

I moved the post for you into the Small Business Security area.

Regards,
Cindy Toy
Cisco Small Business Community Manager
for Cisco Small Business Products
www.cisco.com/go/smallbizsupport
twitter: CiscoSBsupport

Regards, Cindy If my response answered your question, please mark the response as answered. Thank you!
jonatrod
Rising star

Good morning.

Hi Curtis Counsil my name is Johnnatan and I am part of the Small business Support community, unfortunately it  is not possible to create ACL´s in your device, the solution is to enable inter vlan or placing a printer for each vlan's with the inconvenience that  it could not communicate with each other, however that's what you do not want. I recommended to you get or buy a Cisco layer 3 device that supports ACL. Such a router or a Switch L3, you can contact our presales team and explain your newortk issue and they will help you with your case

http://www.cisco.com/web/siteassets/contacts/international.html?reloaded=true

Thank you and have a nice day!!!

I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered.

Best regards.

Johnn.

Cisco network support engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.
doug_counsil
Beginner

Thanks Johnn.  We ended out deploying a switch that supported VLANs and inter-VLAN ACL support.  It was as simple as moving all the network cables to the switch, connecting just the switch to the SA540, re-creating the VLANs on the switch, and creating the ACL rules on the switch.  We found that the switch provided us with much greater throughput than the SA540 anyways.