• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1138
  • Last Modified:

Cisco private vlan

Hi,
I have a cisco 4506 and a 3com switch. I would like to prevent traffic from the 3com switch with communicating with other vlans on the cisco 4506 switch. The hosts on the 3com switch should be able to talk to each other but not to the cisco 4506 switch. The 3com switch will have a ip address assigned to it, it should be manageable from any vlans within the 4506.
I have heard of private vlans , would they be way to implement it? As I am new to private vlans, it would be appreciated if sample commands could be provided. Thanks.
0
cwtang
Asked:
cwtang
2 Solutions
 
Don JohnstonInstructorCommented:
The concept of private VLANs is to restrict traffic within a VLAN. It sounds like you're trying to restrict traffic from other VLANs. For that, you would use an ACL on the layer 3 interfaces of the route processor.
0
 
mmurraynetCommented:
Are the 3COM hosts on a different subnet? If so, use dj's suggestion and go with ACLs:

In the following example the subnet of your 3COM hosts is 172.16.4.0 /24.

Router(config)# access-list 1 deny 172.16.4.0 0.0.0.255
Router(config)# access-list 1 permit any

Note that there is an implicit deny at the end of this list (access-list deny all)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1 in
0
 
cwtangAuthor Commented:
Thanks for the information. I thought there was alternative to acls. Thanks for the help :)
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now