Solved

Cisco private vlan

Posted on 2007-12-04
3
1,130 Views
Last Modified: 2010-04-21
Hi,
I have a cisco 4506 and a 3com switch. I would like to prevent traffic from the 3com switch with communicating with other vlans on the cisco 4506 switch. The hosts on the 3com switch should be able to talk to each other but not to the cisco 4506 switch. The 3com switch will have a ip address assigned to it, it should be manageable from any vlans within the 4506.
I have heard of private vlans , would they be way to implement it? As I am new to private vlans, it would be appreciated if sample commands could be provided. Thanks.
0
Comment
Question by:cwtang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 350 total points
ID: 20402292
The concept of private VLANs is to restrict traffic within a VLAN. It sounds like you're trying to restrict traffic from other VLANs. For that, you would use an ACL on the layer 3 interfaces of the route processor.
0
 
LVL 1

Assisted Solution

by:mmurraynet
mmurraynet earned 150 total points
ID: 20403059
Are the 3COM hosts on a different subnet? If so, use dj's suggestion and go with ACLs:

In the following example the subnet of your 3COM hosts is 172.16.4.0 /24.

Router(config)# access-list 1 deny 172.16.4.0 0.0.0.255
Router(config)# access-list 1 permit any

Note that there is an implicit deny at the end of this list (access-list deny all)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1 in
0
 

Author Closing Comment

by:cwtang
ID: 31412552
Thanks for the information. I thought there was alternative to acls. Thanks for the help :)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
fabric 1 80
Can you use inline network testing tools with Cisco port security? 2 49
Unidentified Network 12 79
Layer 3 Switch Configuration 12 85
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question