Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
916
Views
10
Helpful
4
Replies

access between vlans

Go to solution
suthomas1
Level 6
Level 6

‎09-16-2011 10:30 AM - edited ‎03-07-2019 02:16 AM

Hello All,

My question is very naive. If i have a 6506 in which five SVIVvlans ( vlan 100 - vlan 500 ) are created.

Vlan 100 is printer, vlan 200 is financial vlan.

The route on this switch will point as default to a upstream firewall or router.

1. will vlan 100 and vlan 200 be able to talk to each other

2. will all vlan user be able to use print vlan 100 for printing

main purpose is not to have all vlans talk to each other, at the same time vlan 100 should be able to be used by all users.

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to suthomas1

‎09-16-2011 11:24 AM

Hi,

they can't talk to eah other if there is no L3 routing.But on the 6500 L3 switching is enabled by default contrary to lower platforms like 35xx where you have to configure ip routing.

Regards.

Alain.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎09-16-2011 10:46 AM

Hi,

if all SVIs are up/up then yes they all will be able to talk to each other and if you don't want to then you can use ACLs or private vlans.

Regards.

Alain.

Don't forget to rate helpful posts.

Go to solution
suthomas1
Level 6
Level 6
In response to cadet alain

‎09-16-2011 11:04 AM

Is that the case, i understood that different vlans will not talk to each other

thanks.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to suthomas1

‎09-16-2011 11:24 AM

Hi,

they can't talk to eah other if there is no L3 routing.But on the 6500 L3 switching is enabled by default contrary to lower platforms like 35xx where you have to configure ip routing.

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎09-16-2011 10:57 AM

Hi,

By default, all vlans will communicate with each other.  If you do not want the vlans to talk to each other, then you can deploy something like this example and apply it to these vlans.  In this case vlan 200 will not communicate with vlan 210.

vlan 200 = 192.168.200.0/24

vlan 210= 192.168.210.0/24

access-list 111 deny ip 192.168.200.0 0.0.0.255 192.168.210.0 0.0.0.255

access-list 111 permit ip 192.168.200.0 0.0.0.255 any

access-list 112 deny ip 192.168.210.0 0.0.0.255 192.168.200.0 0.0.0.255

access-list 112 permit ip 192.168.210.0 0.0.0.255 any

int vlan 200

ip access-group 111 in

int vlan 210

ip access-group 112 in

HTH

Customers Also Viewed These Support Documents