Cisco private vlan

I have a cisco 4506 and a 3com switch. I would like to prevent traffic from the 3com switch with communicating with other vlans on the cisco 4506 switch. The hosts on the 3com switch should be able to talk to each other but not to the cisco 4506 switch. The 3com switch will have a ip address assigned to it, it should be manageable from any vlans within the 4506.
I have heard of private vlans , would they be way to implement it? As I am new to private vlans, it would be appreciated if sample commands could be provided. Thanks.
Who is Participating?
Don JohnstonConnect With a Mentor InstructorCommented:
The concept of private VLANs is to restrict traffic within a VLAN. It sounds like you're trying to restrict traffic from other VLANs. For that, you would use an ACL on the layer 3 interfaces of the route processor.
mmurraynetConnect With a Mentor Commented:
Are the 3COM hosts on a different subnet? If so, use dj's suggestion and go with ACLs:

In the following example the subnet of your 3COM hosts is /24.

Router(config)# access-list 1 deny
Router(config)# access-list 1 permit any

Note that there is an implicit deny at the end of this list (access-list deny all)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1 in
cwtangAuthor Commented:
Thanks for the information. I thought there was alternative to acls. Thanks for the help :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.