Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
2
Replies

Multiple vlan access on a stand alone switch

smiths@prpa.org
Level 1
Level 1

‎02-04-2013 12:25 PM - edited ‎03-07-2019 11:30 AM

Got an interesting question from one of our other engineers today that I thought I would run by the community...

The field engineer has a stand alone 24 port 2900 series switch that he has different equipment connected to and are segmented using VLANs. So for example, he's got ports 1-4 assigned to VLAN 10, 5-12 assigned to VLAN 20, 13-19 assigned to VLAN 30 and 20-24 assigned to VLAN 40. He would like all the gear on VLAN 30 to have the ablity to talk to all of the other VLANS, but VLAN 40 should not be allowed to talk with any other VLAN. Trunking would do no good here since the switch isn't connected to anything and you can only assign one VLAN per port.

Is there a way to do this within the stand alone switch? The only possible way I could think of would be to ensure that each VLAN has an assigned IP number (subnet) and doing this through access lists. Thoughts, suggestions?

Thank you,

Steve

Labels:
0 Helpful
2 Replies 2

Reza Sharifi
Hall of Fame
Hall of Fame

‎02-04-2013 01:06 PM

Hi,

Since vlan 40 should not be talking to any other vlan, the easiest solution might be not to create an SVI for vlan 40.  So, equipment in vlan 40 don't have a default gateway configured, therefore they will not be able to talk to other vlans. All other vlans do.

HTH

0 Helpful

smiths@prpa.org
Level 1
Level 1
In response to Reza Sharifi

‎02-04-2013 02:59 PM

Would a private-vlan work in this case?

Steve

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card