Isolated VLAN

Chirag.Chirag · ‎04-09-2024

Hello members,

I am working on creating new VLAN 892 and don't want the devices inside this VLAN to be accessible from other VLAN other than a Jump Server. I have created this VLAN over Core and got this VLAN propagated to all switches over my topology.

The issue is that the Jump Server is an ESXi machine which has only two NIC both are part of VLAN 71 and have 10 VM Machines currently running on them.

We have created VLAN 892 but don't have created it as L3 VLAN by not assigning it a IP Address while VLAN 71 is L3 VLAN.

Can anyone guide if the communication is possible between Jump Server connected on S3 switch and end devices connected on S2 switches with no device IP Default gateway configured for VLAN 892 devices or Virtual NIC on Jump Server.

MHM Cisco World · ‎04-09-2024

You can use VLAN ACL' did you try it ?

MHM

Chirag.Chirag · ‎04-09-2024

Can you please tell if you meant Standard or Extended ACL, if VLAN ACL are different than it would be great help if you could share the Cisco link for VLAN ACL.

MHM Cisco World · ‎04-09-2024

https://www.google.com/amp/s/www.geeksforgeeks.org/vlan-acl-vacl/amp/

Check this

MHM

Chirag.Chirag · ‎04-09-2024

I have created a topology that might help you to understand the scenario and in that way you could help me in better way.

MHM Cisco World · ‎04-09-2024

As I mention apply vlan filter under VLAN 892.

Note:- are you sure vlan892 dont have SVI?

MHM

Chirag.Chirag · ‎04-09-2024

Yes I didn't configure VLAN 892 as SVI and that is my doubt should I configure it as VLAN 892 and than apply ACL's.

MHM Cisco World · ‎04-11-2024

First you need to add vlan SVI if you want to inter-vlan between different vlan

Vlan filter work with and without SVI, it filter mac and IP.

MHM