Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
336
Views
0
Helpful
6
Replies

Allowing inter vlan traffic with public wireless

tsicoupe1
Level 1
Level 1

‎11-29-2016 02:36 PM - edited ‎03-08-2019 08:21 AM

I know this is a pretty basic question but here is the scenario... I am adding widi devices which will be on the wired network on their own vlan which is the projector vlan. The problem is the public wireless cannot talk to this vlan due to an access list since it is a public wireless which is also on its own vlan. I need to be able to have the public wireless be able to talk to the devices on the projector vlan so they can connect to the widi device. Here is the configuration:

 interface Vlan13 (Projector Vlan)
description Projectors
ip address 10.0.77.129 255.255.255.128
ip helper-address 10.0.2.11
no ip redirects
no ip proxy-arp

interface Vlan17
description Public Wireless
ip address 10.0.80.1 255.255.252.0
ip access-group public-wireless in
ip helper-address 10.0.2.11
no ip redirects
no ip proxy-arp
ip pim sparse-dense-mode

ip access-list extended public-wireless
permit udp any host 10.0.2.11 eq bootps
permit udp any host 10.0.2.10 eq domain
permit udp any host 10.0.2.11 eq domain
permit tcp any 10.0.2.0 0.0.0.255 eq www
permit tcp any 10.0.2.0 0.0.0.255 eq 443
deny ip any 10.0.0.0 0.255.255.255
permit ip any any

I was thinking i could add another permit statement to the 10.0.7.129 network but was unsure if that would be the best way of doing it. Any help would be appreciated. Thank you!

Labels:
0 Helpful
6 Replies 6

Dennis Mink
VIP Alumni
VIP Alumni

‎11-29-2016 05:25 PM

Well if your vlan 17 needs to talk to vlan 13, you will need to add a permit to 10.0.77.129/25  above your deny ip any 10.0.0.0 0.255.255.255  statement

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

tsicoupe1
Level 1
Level 1
In response to Dennis Mink

‎11-30-2016 08:46 AM

so it would be permit tcp any 10.0.77.129 0.0.0.128 ?

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni
In response to tsicoupe1

‎11-30-2016 02:20 PM

It d be like this:

permit tcp any 10.0.2.0 0.0.0.255 eq 443

permit ip any 10.0.77.129 0.0.0.128    <-------insert here
deny ip any 10.0.0.0 0.255.255.255

permit ip any any

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

tsicoupe1
Level 1
Level 1
In response to Dennis Mink

‎11-30-2016 02:30 PM

ok I will try that, thank you!

0 Helpful

tsicoupe1
Level 1
Level 1
In response to Dennis Mink

‎12-05-2016 12:33 PM

for some reason when i enter that is changes it to display permit ip any 10.0.77.1 0.0.0.128 instead of permit ip any 10.0.77.129 0.0.0.128

0 Helpful

tsicoupe1
Level 1
Level 1
In response to tsicoupe1

‎12-05-2016 01:26 PM

i got it, it should of been permit ip any 10.0.13.128 0.0.0.127 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card