Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
623
Views
0
Helpful
0
Replies

VACL to secure DMZ VLAN

james.bastnagel
Level 1
Level 1

‎12-01-2010 09:50 AM - edited ‎03-06-2019 02:18 PM

I have two 4900's that are core switches with various vlans on them. One of these vlans has an edge router and a firewall connected on each core switch and the vlan is allowed on the trunk between the 4900's.

So 4900#1 and 4900#2 both have vlan xyz1 with two ports assigned to this vlan. There is a firewall in one port and an edge router in the other port so they may communicate rather than them being directly connected. Then the VLAN is allowed on the trunk between the two cores. The subnet is a /28 to accommodate the devices in the "DMZ".

I have been advised that we should implement a VACL to further secure the traffic in this vlan.

Can anyone explain how or why we would do this?

Thank you!!!

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card