<div>
So if you are on vlan 30 you do not want to get to vlan 40 or vlan 50? &nbsp;Is that correct? &nbsp;Should vlan 30 be allowed to get to the internet or any other networks?
</div>


So if you are on vlan 30 you do not want to get to vlan 40 or vlan 50?  Is that correct?  Should vlan 30 be allowed to get to the internet or any other networks?

<div>
Yes if I am on vlan 30, I don't want to see vlan 40 or 50. &nbsp;I do want all network to have access to the internet. &nbsp;Thanks.
</div>


Yes if I am on vlan 30, I don't want to see vlan 40 or 50.  I do want all network to have access to the internet.  Thanks.

<div>
I do have an Cisco ASA5510 on this network. &nbsp;Should I just create an access-list on the inside for this on the ASA5510 instead of creating the access-list on switches?
</div>


I do have an Cisco ASA5510 on this network.  Should I just create an access-list on the inside for this on the ASA5510 instead of creating the access-list on switches?

<div>
<div class="content wysiwyg-content">
Below is a digram of my network. &nbsp;Right now all networks can talk to each other. &nbsp;For example, if I am on a server in the 10.4.0.0 network, from there I can RDP into a server in the 10.5.0.0 network. &nbsp;I need to create a access-list so these networks can't talk to each other. &nbsp;I am using VTP, thats why all switches share a common VLAN. &nbsp;Can someone provide me with an access-list example to accomplish this. &nbsp;thanks.<br />
<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2010/11_w47/370431/Switches-Diagram.jpg" target="_blank" title="Switch Diagram (27 KB)"><img alt="Switch Diagram" class="file-block lazyload" style="max-width: 795px;" data-src="https://filedb.experts-exchange.com/incoming/2010/11_w47/370431/Switches-Diagram.jpg" /></a>
</div>
</div>


Switches-Diagram.jpg

Below is a digram of my network.  Right now all networks can talk to each other.  For example, if I am on a server in the 10.4.0.0 network, from there I can RDP into a server in the 10.5.0.0 network.  I need to create a access-list so these networks can't talk to each other.  I am using VTP, thats why all switches share a common VLAN.  Can someone provide me with an access-list example to accomplish this.  thanks.




Access-lists on Cisco 3550 switches

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Switches / Hubs

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.