Restrict access to sensitive VLANs

vd123_cisco
Level 1

Hi All,

We have a network of 30 VLANs and currently all the VLANs have access to everything. We are using a Cisco 6509 switch for Layer 3 routing.

I would like to prevent some VLANs accessing the server VLANs. Can anyone advise how I can restrict access to the server VLANs?

Do I need to implement access-lists on the 6500 switch? Or do I need to create VLANs on the firewall so that all traffic is filtered?

Thanks

Jay

3 Replies

Sandeep Choudhary
VIP Alumni

Use an ACL on this Layer 3 switch to block some VLANs from accessing the server VLAN.

Regards

lgijssel
Level 9

You can use both solutions, but with everything in one routing domain it will be somewhat cumbersome to allow exactly the traffic that you want. There is a third option, namely to place the VLANs which need to be filtered in a different context using VRF-lite.

You may then use the firewall to route and filter traffic. Please check this example:

http://www.cisco.com/en/US/products/hw/modules/ps2797/products_tech_note09186a0080b6216e.shtml

regards,

Leo

vd123_cisco
Level 1

Thank you for the reply, guys.

Can you confirm if the access-lists will go under the VLAN interfaces on the 6500 switch?

Thanks

Jay
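
An added example, not part of any post in this thread: one way the ACL approach suggested above looks on an IOS Layer 3 switch, with a named extended ACL applied inbound on the SVI of each restricted VLAN. The VLAN numbers, subnets, ACL names and permitted ports are constructed for illustration.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   VLAN 10   users    10.1.10.0/24
!   VLAN 20   guests   10.1.20.0/24
!   VLAN 100  servers  10.1.100.0/24
!
! Users may reach only the published services on the server VLAN.
ip access-list extended USERS-TO-SERVERS
 remark published services on the server VLAN
 permit tcp 10.1.10.0 0.0.0.255 10.1.100.0 0.0.0.255 eq 443
 permit udp 10.1.10.0 0.0.0.255 host 10.1.100.53 eq domain
 remark replies to TCP sessions opened from the server side
 permit tcp 10.1.10.0 0.0.0.255 10.1.100.0 0.0.0.255 established
 remark everything else aimed at the servers is dropped
 deny   ip any 10.1.100.0 0.0.0.255
 remark traffic to all other destinations is left untouched
 permit ip any any
!
! Guests get no access to the server VLAN at all.
ip access-list extended GUESTS-NO-SERVERS
 deny   ip any 10.1.100.0 0.0.0.255
 permit ip any any
!
! Apply each list inbound on the SVI of the VLAN being restricted,
! so packets are dropped before they are routed.
interface Vlan10
 ip access-group USERS-TO-SERVERS in
!
interface Vlan20
 ip access-group GUESTS-NO-SERVERS in
!
! Verify the binding and the per-entry match counters:
!   show ip interface Vlan10
!   show ip access-lists USERS-TO-SERVERS
```

These router ACLs are stateless and filter only packets entering the switch from the restricted VLAN, so traffic sourced from the server VLAN toward users is not filtered by them. The `established` entry matches on TCP flags only, which is weaker than the stateful inspection a firewall would provide.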
