asked on

vlan

i have 5 different network

Servers
Admin
Wifi
POS
Guest

currently all networks can talk to each other
support i dont want guest network to see servers network, whats the best way to do this.

ASKER CERTIFIED SOLUTION

DaMaestro

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ammadeyy

ASKER

Servers 192.168.1.1/255
Admin 192.168.2.1/255
Wifi 192.168.3.1/255
POS 192.168.4.1/255
Guest 192.168.5.1/255

thats how my ip ranges are

ammadeyy

ASKER

email server ip is 192.168.1.3

guest ip 192.168.5.2

email server i add net config server /hidden:yes

still guest can ping to email server

ammadeyy

ASKER

i have a HP 2626 switch, from that switch its connected to many unmanaged switches

if i create logical vlans from 2626, and have a router to do ACL will it work?

Danny_Larouche

On server... route add 192.168.5.0 MASK 255.255.255.0 192.168.1.222 (222=bogus address)

ammadeyy

ASKER

suppose there is one client in guest network needs to access 192.168.1.3, how can i do that?

SOLUTION

Danny_Larouche

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Danny_Larouche

> if i create logical vlans from 2626, and have a router to do ACL will it work?
>

Yes, if your switch doesn't handle layer3, you may use a router and its ACL to set inter-vlan rules.

SOLUTION

DJSara

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

djohnson104

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Danny_Larouche

He will also need to set ACL to deny other protocols such as RDC, telnet, http/https(destinated to network devices), syslog, smnp,...