• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

cisco gurus?

xaeniac

xaeniac

Golden Member
Do any of you have a good example of this? I know there is VACL's, but am not reading the context very clearly. Can anyone help out?
 
couple ways to do it. Easiest way is to put an ACL on the interface.
Here is an example

int vlan1
ip address 192.168.1.1 255.255.255.0
ip access-group 100 in

int vlan2
ip address 192.168.2.1 255.255.255.0
ip access-group 101 in

int serial0/0
ip address 276.1.1.1 255.255.255.252


access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip any any

access-list 101 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip any any



This would prevent the two vlans from talking but they could access the internet if the serial was connected to the internet.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top