I have two VLANs, 2 (10.229.24.0) and 8 (10.101.28.0). I'm using a Cisco 3560 to do all my layer 3 traffic. Port 2 is VLAN 2 (10.229.24.254) and port 5 is VLAN 8 (10.101.30.254) on the switch. What would be the easiest way to use ACLs to prevent VLAN 8 talking to VLAN 2? But I do need a couple of servers in VLAN 8 to be able to talk to hosts in VLAN 2. Also, I would like to be able to control what ports go out of those interfaces. For example, if I only wanted users to have access to HTTP, HTTPS for internet and block all other ports.
Thanks in advance for your help.
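
The policy described in the post above, written as one extended ACL applied inbound on the VLAN 8 gateway; this is an added example, not part of the original post. Assumptions: VLAN 8 is 10.101.28.0/22 (so the 10.101.30.254 gateway falls inside it), VLAN 2 is 10.229.24.0/24, both gateways are SVIs, clients use DHCP relay and DNS, and 10.101.28.10 / 10.101.28.11 are placeholder addresses for the exempt servers.

```cisco
! Added example. Masks, SVI names and server addresses are assumptions;
! replace them with the real values before use.
ip access-list extended VLAN8-IN
 remark 1. Exempt servers (placeholder hosts) may reach VLAN 2
 permit ip host 10.101.28.10 10.229.24.0 0.0.0.255
 permit ip host 10.101.28.11 10.229.24.0 0.0.0.255
 remark 2. All other VLAN 8 traffic to VLAN 2 is dropped
 deny   ip 10.101.28.0 0.0.3.255 10.229.24.0 0.0.0.255
 remark 3. DHCP requests must pass if the SVI relays them (assumption)
 permit udp any eq bootpc any eq bootps
 remark 4. DNS, so that web names resolve (assumption)
 permit udp 10.101.28.0 0.0.3.255 any eq domain
 permit tcp 10.101.28.0 0.0.3.255 any eq domain
 remark 5. Outbound web only
 permit tcp 10.101.28.0 0.0.3.255 any eq www
 permit tcp 10.101.28.0 0.0.3.255 any eq 443
 remark 6. Explicit final deny (same effect as the implicit one)
 deny   ip any any
!
interface Vlan8
 ip access-group VLAN8-IN in
```

Entry order matters because the first match wins, so the server permits must precede the VLAN-to-VLAN deny. The ACL is stateless: replies from non-exempt VLAN 8 hosts to connections opened from VLAN 2 are also dropped by entry 2, and `show access-lists VLAN8-IN` displays per-entry match counters for checking the result.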