Balack
asked on
How to segment the traffic by using VLANs on Cisco 3560 switch?
This is my partner's company, which makes full use of Cisco switches. Assume that they are using a distribution and access layer hierarchy; now there is a request to create one new additional segment. How should I control traffic in/out of this segment?
Of course I'll use VLANs; should I use ACLs to control traffic? Do ACLs support VLANs, and how?
ASKER
Hi adam1115,
The objective is to permit/deny traffic between local hosts and remote hosts. For example, if I am going to deploy a mail server in VLAN A, only a few of the hosts in VLAN B are allowed to access this mail server, using SMTP ONLY. How can I achieve this objective?
ASKER
Is VRF a Cisco method?
ASKER
If possible, I prefer an official Cisco method.
ASKER
Looks good, but it may not be suitable in my working environment.
A switchport is layer 2, which is where VLANs generally operate, so no, ACLs don't apply.
Typically a layer 3 port is the port connected to your internet connection, where you may be routing multiple VLANs out... ACLs would work on Layer 3 routed ports.
What exactly are you trying to do?
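As an added example that is not part of the thread: one way to express the asker's mail-server requirement as an extended ACL on a Layer 3 VLAN interface (SVI), assuming the 3560 routes between the two VLANs. The VLAN IDs, addresses and the ACL name are constructed for illustration.

```cisco
! Assumptions (constructed, not from the thread):
!   VLAN 10 = "VLAN A", 10.0.10.0/24, mail server 10.0.10.25
!   VLAN 20 = "VLAN B", 10.0.20.0/24, allowed hosts .11 and .12
!
! The switch must route between the VLANs for a router ACL to see the traffic.
ip routing
!
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
!
ip access-list extended VLANB-TO-MAIL
 ! Only the listed VLAN B hosts may reach the mail server, and only on TCP/25.
 permit tcp host 10.0.20.11 host 10.0.10.25 eq smtp
 permit tcp host 10.0.20.12 host 10.0.10.25 eq smtp
 ! Everything else from VLAN B to the mail server is dropped and logged.
 deny   ip any host 10.0.10.25 log
 ! Design choice: leave other VLAN B traffic untouched. Replace with
 ! narrower permits if VLAN B should be restricted further.
 permit ip any any
!
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
 ! Inbound on VLAN B's SVI: filters packets as they leave VLAN B to be routed.
 ip access-group VLANB-TO-MAIL in
!
! Verify with per-entry hit counters after generating test traffic:
!   show ip access-lists VLANB-TO-MAIL
!   show ip interface Vlan20 | include access list
```

An ACL applied this way only filters traffic routed between VLANs; hosts inside the mail server's own VLAN reach it at Layer 2 without crossing the SVI. Replies from the mail server enter the switch on Vlan10, so they are not subject to this inbound ACL on Vlan20.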