cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
446
Views
0
Helpful
4
Replies
Michael Sales
Beginner

VACL for guest http access

6513 core switch with MSFC 15 and 16 configured with Inter-vlan routing and static routes to internet.

I want to setup a wireless guest network on school wide network and limit only web access in and out to port 80. I want to create a guest vlan with a VACL to segment.

Is this a good solution and what is the best VACL config?

4 REPLIES 4
jain.nitin
Participant

Hi, YEs with the help of vlans u can restric the traffic via source IP, dest IP, Src port & dest port. I wud suggest to create a separate vlan for wireless & on that vlan apply VACL which allow only http traffic.

Hope it will give u some idea.

Thanks

Ninja

Thanks jain,

I have the VLAN created with a small subnet. Routing is working to the internet. I'm not sure on the VACL. Do I apply them at the MSFC or the sup?

I've read on VACL's and It's a bit sketchy, I've seen code for both.

Not sure where to apply.

I posed this same question to a Cisco tech and was told to apply the vacl to the sup, not the MSFC.

Hi,

That was correct...thanks for your help. It works like a charm. Need to do this more often.