ACLs for switches
Posted on 2009-07-11
CISCO 3750 12.2(25) SEE2
Cisco 2950 12.1.(22) EA2
We codevelop software with teams from other companies and they come to our site to do this. With these companies we have setup Lan to Lan tunnels. So when they come we allow them to connect to our Guest network. Then they VPN into their companies and connect to a particular host on our end. It does not seem the best way to me for them to loop around like that because of our security restrictions.
I was thinking about letting them connect to our company LAN then configure ACLs in a switch, apply them to specific ports and allow them access only to an specific host on port 80 and 443.
If it makes any difference I will throw these 2 scenarios in:
1- destination host and guest users connected physically to ports in the same switch
2- destination host and guest users connected in different switches uplinked with switches in between . I wonder it if is needed one set of ACLs on both switches or does it matter?
Is this possible, please provide an example of how it would like in the configuration
Thanks for your help