Start Free TrialLog in
Avatar of lonekawboy
lonekawboy

asked on 

Blocking layer 3 traffic on a Cisco 3560-X switch

I have a 3560X switch that I have routing turned on for and I would like to block all traffic from one specific vlan to all others. I have the following vlans:

VLAN 20 IP Address 10.2.0.14 255.255.0.0
VLAN 23 IP Address 10.23.0.1 255.255.0.0

I have ip routing turned on and I see routes.

I want to block traffic from vlan 23 to vlan 20 and I thought this would work:

access-list 101 deny ip 10.23.0.0 0.0.255.255 any
access-list 101 permit ip any any

vlan 20
ip access-group 101 in

I can still ping 10.2.0.14 from 10.23.0.100.

Ideas?
Switches / HubsNetwork OperationsRouters
Avatar of undefined
Last Comment
Don Johnston
ASKER CERTIFIED SOLUTION
Avatar of Frabble
Frabble
Flag of United Kingdom of Great Britain and Northern Ireland image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Or you could use your existing ACL and apply it outbound on the VLAN 20 interface.
Avatar of ciscocert
ciscocert
Flag of India image
vlan 23 -> 20

access-list 101 deny ip 10.23.0.0 0.0.255.255 10.2.0.0 0.0.255.255
access-list 101 permit ip any any

int vlan 23
ip access-group 101 in



Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Ciscocert:

Was it really necessary to post the exact same ACL that Frabble posted an hour earlier?
Routers
Routers

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

49K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent