Isolated VLAN That Requires Internet Access Only

dcgtechnologies · ‎10-28-2025

I am looking to find out the proper configuration for three ports on two 3750X switches to have an isolated network / VLAN that will NOT talk to any other network / VLAN in my environment and only needs internet access. I have two interfaces on one switch and one interface on another switch. Right now, I have all three interfaces configured as access ports to one VLAN called VLAN70. My native vlan is VLAN10 and VLAN70 can access all networks and all other VLAN's and resources and that is what I DO NOT want. What is the best way to configure this? I know this is probably simple for most so it should be pretty easy to answer for a seasoned member. Thank you in advance.

Kasun Bandara · ‎10-28-2025

hi @dcgtechnologies , as i understood, you have 1 VLAN which should have access to the only internet and other VLANs which can access each other and internet.

this can achieve by configuring the ACL. ACL can create at the switch where your VLAN interfaces (SVI) (or gateway IP of user) is available. you can create ACL saying that block the internal VLAN IP ranges and allow other traffic. then assign that to the incoming traffic of the VLAN interface (SVI) which you only need internet access.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB