dan4132
asked on
Cisco Vlan Advice
Hi there,
I am after some advice to see if this can be done and how possibly?
I have 4 different VLANS:
5 = Servers
10 = Teachers
15 = Guest
20 = Admin Staff
I have used ACL's and can deny access for example the Guests from accessing the Teachers & Admin Vlan. I tried to do the same with the Server vlan but my DHCP Server is in this Vlan and when I deny the ip in the ACL the Guests can no longer get DHCP addresses. DNS is also on the same Server.
So does this mean that I need to put the DHCP Server in a seperate Vlan or is there someway of doing it so it denys access to the Vlan but still gets ip addresses? I have the IP helper address configured under the virtual port on the router.
Next question. I would like the Teachers just to access the Curric Server, but the Admin Server is also in the same Vlan as the Curric Server so I can't use an ACL to deny it access as of course this will deny them access to the Curric Server. So is there a way to do this as well?
Thanks
I am after some advice to see if this can be done and how possibly?
I have 4 different VLANS:
5 = Servers
10 = Teachers
15 = Guest
20 = Admin Staff
I have used ACL's and can deny access for example the Guests from accessing the Teachers & Admin Vlan. I tried to do the same with the Server vlan but my DHCP Server is in this Vlan and when I deny the ip in the ACL the Guests can no longer get DHCP addresses. DNS is also on the same Server.
So does this mean that I need to put the DHCP Server in a seperate Vlan or is there someway of doing it so it denys access to the Vlan but still gets ip addresses? I have the IP helper address configured under the virtual port on the router.
Next question. I would like the Teachers just to access the Curric Server, but the Admin Server is also in the same Vlan as the Curric Server so I can't use an ACL to deny it access as of course this will deny them access to the Curric Server. So is there a way to do this as well?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER