12-12-2011 09:53 AM - edited 03-07-2019 03:51 AM
Hi all,
On my Catalyst 3750, I'm planning to make a very particular access list between the server VLAN and the client VLAN.
What I need to do is the following:
1. Allow access in one way, from the server VLAN to the user VLAN, and on specific ports (backup agent, anti-virus agent, SNMP)
2. The user VLAN can't access the server VLAN but can access the internet
3. The server VLAN can access the internet
How can I do this? (example please)
regards
12-12-2011 11:18 AM
Hi,
IP communication is bidirectional so you can't do both 1 and 2 points you wish to achieve.
You'll have to permit return traffic from user to server in response to server-user communication.
You can achieve this using ACL on VLAN interfaces.
But what is the goal of only permitting traffic from server to user and return traffic, as the initial traffic is always from the client to the server?
Regards.
Alain
12-12-2011 11:51 AM
Hi,
Let me explain: I want the traffic to be initiated only by the server VLAN.
For example, a backup server needs to contact a machine on the backup client; this kind of ACL is well appreciated for security.
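
One way to write what the replies above describe, as an added example that is not from any poster in this thread: ACLs on the two VLAN interfaces that let only the server VLAN open sessions and pass just the return traffic back. The VLAN numbers, subnets and the two TCP agent ports are constructed placeholders; `established` matches any TCP segment with ACK or RST set and the SNMP reply rule matches only on source port, so this is stateless filtering, not connection tracking.

```cisco
! Constructed values (assumptions, not from the thread):
!   VLAN 10 = servers 10.0.10.0/24, VLAN 20 = users 10.0.20.0/24
!   tcp/10000 = backup agent, tcp/20000 = anti-virus agent
!
! Traffic entering the switch from the server VLAN
ip access-list extended SERVERS-IN
 remark server-initiated sessions to the agents on user machines
 permit tcp 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255 eq 10000
 permit tcp 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255 eq 20000
 permit udp 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255 eq snmp
 remark nothing else from servers to users
 deny   ip 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255
 remark everything else, including the internet
 permit ip 10.0.10.0 0.0.0.255 any
!
! Traffic entering the switch from the user VLAN
ip access-list extended USERS-IN
 remark TCP replies only: source port is the agent, ACK or RST is set
 permit tcp 10.0.20.0 0.0.0.255 eq 10000 10.0.10.0 0.0.0.255 established
 permit tcp 10.0.20.0 0.0.0.255 eq 20000 10.0.10.0 0.0.0.255 established
 remark SNMP replies: UDP has no flags, so match the agent source port
 permit udp 10.0.20.0 0.0.0.255 eq snmp 10.0.10.0 0.0.0.255
 remark users cannot start anything toward the servers
 deny   ip 10.0.20.0 0.0.0.255 10.0.10.0 0.0.0.255
 remark everything else, including the internet
 permit ip 10.0.20.0 0.0.0.255 any
!
interface Vlan10
 ip access-group SERVERS-IN in
!
interface Vlan20
 ip access-group USERS-IN in
```

Anything users need from the server VLAN (DNS, for example) would need its own permit line ahead of the deny in `USERS-IN`.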