I have configured multiple VlANs (Vlan10 and 20) on cisco L3 switch. And I want to stop downloads to Vlan20 users on L3 switch. Can I do this on my cisco L3 switch?
If the downloads you said is like: user can open http://software.opensuse.org/123/en but will be blocked if user try to download the ISO image from the site, then i don't think 2900 router will do any help on this. what you need for this is a web filtering software or device or proxy server that support filtering (like ISA server, websense).
If you want to block file sharing from the VLAN , use the extended inbound & outbound ACL blocking TCP port 445,135,139
ip access-list extended Deny-fileshare
deny tcp any any eq 445
deny tcp any any eq 139
deny tcp any any eq 135
permit ip any any
int vlan 20
ip access-group Deny-fileshare in
ip access-group Deny-fileshare out
It will block all filesharing communication from VLan 20.You can apply ACL on router also , the LAN port which goes to your CORE Switch.