07-24-2013 06:19 AM
Ok... so I'm not sure if I can do this, but I'd love some input if its possible.
Network equipment -- RV120W, SF300-24
VLAN10 --> switch within VLAN, access internet -- preferably to just 3 addresses
VLAN20 --> switch within VLAN, Can initiate connection with VLAN10, VLAN30, access internet (I realize this is a security risk, but unavoidable)
VLAN30 --> switch within VLAN, Can access internet
VLAN40 --> Internet access only, cannot switch
I've got the trunking setup between the devices, and am assigning the VLAN's easily enough, I'm just not sure how (or if its possible) to create the routing tables / settings to accomplish. I may not be able to accomplish this on an SF300, but some pointers would be appreciated -- even if I can only accomplish part of what would be the ideal.
Solved! Go to Solution.
07-24-2013 10:10 AM
Hello Smith,
I suggest creating access-list (IPv4 based ACL) for your configuration (assuming that you are doing your inter-VLAN routing on the switch). If you are doing the inter-VLAN routing on the RV120W, you may have to create access list on the router instead.
Refer the below article on further details about ACL on SF300:
Configure IPv4-Based Access Lists on the 200/300 Series Managed Switches
Thanks,
Vijay
Please rate the answers.
07-25-2013 07:34 AM
Hi DR. Vijay is correct in that the access list is the correct methodology. Please bear in mind that the access list works INGRESS ONLY. Meaning if you put the ACL on an uplink port such as between the router and switch it wouldn't discriminate the traffic originating from the switch only originating from the router connection.
If all traffic is passing through the switch to get to the router then the ACL(s) should be applied to each ingress port (where the host is connecting to).
-Tom
Please mark answered for helpful posts
07-24-2013 10:10 AM
Hello Smith,
I suggest creating access-list (IPv4 based ACL) for your configuration (assuming that you are doing your inter-VLAN routing on the switch). If you are doing the inter-VLAN routing on the RV120W, you may have to create access list on the router instead.
Refer the below article on further details about ACL on SF300:
Configure IPv4-Based Access Lists on the 200/300 Series Managed Switches
Thanks,
Vijay
Please rate the answers.
07-25-2013 07:34 AM
Hi DR. Vijay is correct in that the access list is the correct methodology. Please bear in mind that the access list works INGRESS ONLY. Meaning if you put the ACL on an uplink port such as between the router and switch it wouldn't discriminate the traffic originating from the switch only originating from the router connection.
If all traffic is passing through the switch to get to the router then the ACL(s) should be applied to each ingress port (where the host is connecting to).
-Tom
Please mark answered for helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide