Cisco ACL - Restrict a subnet to access only one host on another subnet
Posted on 2004-10-21
I have two VLANs set up using a Catalyst switch and using a 2621 using subinterfaces to route the VLANs. We also have a PIX506.
The basic routing works.
Both subnets use the PIX506 for their default gateway (10.1.199.1).
Subnet 1 = (10.1.199.x/24)
Subnet 2 = (10.1.250.x/24)
I would like to restrict subnet 2's hosts from seeing subnet 1's hosts, but because subnet 2 needs to access the PIX for Internet, I would like to see if subnet 2's gateway (10.1.250.1) can forward to 10.1.199.1 (PIX GW) without giving access to the rest of 10.1.199.0/24.
I am assuming (Newbie thought) that the PIX does not support encapsulation like the Router for subinterfaces...
Thanks in advance...