Solved

Cisco private vlan

Posted on 2007-12-04
3
1,131 Views
Last Modified: 2010-04-21
Hi,
I have a cisco 4506 and a 3com switch. I would like to prevent traffic from the 3com switch with communicating with other vlans on the cisco 4506 switch. The hosts on the 3com switch should be able to talk to each other but not to the cisco 4506 switch. The 3com switch will have a ip address assigned to it, it should be manageable from any vlans within the 4506.
I have heard of private vlans , would they be way to implement it? As I am new to private vlans, it would be appreciated if sample commands could be provided. Thanks.
0
Comment
Question by:cwtang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 350 total points
ID: 20402292
The concept of private VLANs is to restrict traffic within a VLAN. It sounds like you're trying to restrict traffic from other VLANs. For that, you would use an ACL on the layer 3 interfaces of the route processor.
0
 
LVL 1

Assisted Solution

by:mmurraynet
mmurraynet earned 150 total points
ID: 20403059
Are the 3COM hosts on a different subnet? If so, use dj's suggestion and go with ACLs:

In the following example the subnet of your 3COM hosts is 172.16.4.0 /24.

Router(config)# access-list 1 deny 172.16.4.0 0.0.0.255
Router(config)# access-list 1 permit any

Note that there is an implicit deny at the end of this list (access-list deny all)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1 in
0
 

Author Closing Comment

by:cwtang
ID: 31412552
Thanks for the information. I thought there was alternative to acls. Thanks for the help :)
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question