Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
444
Views
0
Helpful
4
Replies
Michael Sales
Beginner
Beginner
‎02-10-2007 05:33 AM
‎02-10-2007 05:33 AM

VACL for guest http access

6513 core switch with MSFC 15 and 16 configured with Inter-vlan routing and static routes to internet.

I want to setup a wireless guest network on school wide network and limit only web access in and out to port 80. I want to create a guest vlan with a VACL to segment.

Is this a good solution and what is the best VACL config?

Labels:
0 Helpful
4 REPLIES 4
jain.nitin
Participant
Participant
‎02-11-2007 10:39 AM
‎02-11-2007 10:39 AM

Hi, YEs with the help of vlans u can restric the traffic via source IP, dest IP, Src port & dest port. I wud suggest to create a separate vlan for wireless & on that vlan apply VACL which allow only http traffic.

Hope it will give u some idea.

Thanks

Ninja

0 Helpful
Michael Sales
Beginner
Beginner
In response to jain.nitin
‎02-14-2007 04:30 PM
‎02-14-2007 04:30 PM

Thanks jain,

I have the VLAN created with a small subnet. Routing is working to the internet. I'm not sure on the VACL. Do I apply them at the MSFC or the sup?

I've read on VACL's and It's a bit sketchy, I've seen code for both.

Not sure where to apply.

0 Helpful
bfledderjohn
Beginner
Beginner
In response to Michael Sales
‎04-06-2007 12:59 PM
‎04-06-2007 12:59 PM

I posed this same question to a Cisco tech and was told to apply the vacl to the sup, not the MSFC.

0 Helpful
Michael Sales
Beginner
Beginner
In response to bfledderjohn
‎05-11-2007 04:20 AM
‎05-11-2007 04:20 AM

Hi,

That was correct...thanks for your help. It works like a charm. Need to do this more often.

0 Helpful
Latest Contents
Upgrade Cisco DNA Center
Created by mclymer on 05-18-2022 12:20 PM
0
0
0
0
Learn more about Cisco DNA Center, Version 2.2.3.4
5-minute Cisco Survey – Enter Gift Card Giveaway!
Created by Robert Murphy on 05-18-2022 11:30 AM
1
5
1
5
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation? If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi... view more
OSPF for CCIE Enterprise and Infrastructure Exam
Created by Meddane on 05-13-2022 02:24 AM
0
0
0
0
The ultimate is coming.  
Cisco Champion Radio: S9|E18 CC Unfiltered: Becoming an Expe...
Created by Amilee San Juan on 05-11-2022 12:57 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ... view more
SD-WAN and NAT Types
Created by Meddane on 05-08-2022 01:44 AM
0
0
0
0
In a typical production SD-WAN deployment, we would probably have many remote sites connected via many different Internet connections to a centralized data center or a regional hub. In most regions in the world, Internet providers will always use some typ... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad