Solved: Re: One VLAN to rule them all.

smithvivi08096 · ‎01-30-2020

I am looking for a way for one VLAN to access all oryer VLANs. However, all other VLANs can only talk amongst themselves.

For example;

VLAN 105 can access 101, 102 and 103

However these VLANs can't not access each other and can't access 105.

Jaderson Pessoa · ‎01-30-2020

Hello

Look at private VLAN
More detail here:https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/PrivateVLANs.html

ACL MAPPING: https://translate.google.com/translate?hl=pt-BR&sl=en&u=https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vacl.html&prev=search

Best Regards

Jaderson Pessoa
*** Rate All Helpful Responses ***

View solution in original post

Jaderson Pessoa · ‎01-30-2020

Hello

Look at private VLAN
More detail here:https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/PrivateVLANs.html

ACL MAPPING: https://translate.google.com/translate?hl=pt-BR&sl=en&u=https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vacl.html&prev=search

Best Regards

Jaderson Pessoa
*** Rate All Helpful Responses ***

balaji.bandi · ‎01-30-2020

Not sure what switch model is this ? or Device ? can you post model and version of code

You can do 3 Options.

1. If the switch support you can achieve with VRF

2. VLAN with ACL

3. Private VLAN

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Nadav · ‎01-31-2020

If these VLANs are distinct VLANs, and not groups you want to segregate within a monolithic VLAN, your easiest option is inter-vlan based routing with a VACL.

You allow them to communiate as router-on-a-stick or "ip routing" for a L3 switch, then apply a VACL as necessary.

Keep in mind that private VLANs is segregation/collaboration of distinct groups within a VLAN.