Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
3
Replies

blocking inter network traffic to certain IP's on an ASA 5505

Doug-IVKS
Level 1
Level 1

‎02-23-2016 06:07 AM - edited ‎03-08-2019 04:41 AM

Currently we are using an ASA 5505. What I need to accomplish, is I need to block all machines inside our network from reaching a certain few machines in the network. Unfortunately, I can't create a new Vlan to accomplish this, so I believe I'm going to have to accomplish this with access rules. Is this possible?   

Labels:
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎02-23-2016 06:19 AM

If all the machines are in the same IP subnet you cannot use the ASA.

Can you give us some more details ie.what are the machines connected to, what is their default gateway, are they all in the same IP subnet ?

Jon

0 Helpful

Doug-IVKS
Level 1
Level 1
In response to Jon Marshall

‎02-23-2016 06:28 AM

The machines in question are credit card machines that need to be separated from the rest of the network for compliance issues. They are all on the same subnet. 

All machines on the network use the ASA as their default gateway. 

I did just remember that I have a few RVS4000's that I could use to create new subnets for the credit card machines.

Would this course of action be possible? 

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Doug-IVKS

‎02-23-2016 06:37 AM

If they are all in the same subnet you can't use the ASA because devices in the same subnet don't use their default gateway to communicate.

You either need a new vlan for those machines or if your switch supports them private vlans would work.

What switch(es) are all the devices connected to ?

Jon

0 Helpful
Customers Also Viewed These Support Documents