Link to home
Start Free TrialLog in
Avatar of dan4132
dan4132Flag for United Kingdom of Great Britain and Northern Ireland

asked on

Cisco Vlan Advice

Hi there,
I am after some advice to see if this can be done and how possibly?

I have 4 different VLANS:
5 = Servers
10 = Teachers
15 = Guest
20 = Admin Staff

I have used ACL's and can deny access for example the Guests from accessing the Teachers & Admin Vlan. I tried to do the same with the Server vlan but my DHCP Server is in this Vlan and when I deny the ip in the ACL the Guests can no longer get DHCP addresses. DNS is also on the same Server.
So does this mean that I need to put the DHCP Server in a seperate Vlan or is there someway of doing it so it denys access to the Vlan but still gets ip addresses? I have the IP helper address configured under the virtual port on the router.

Next question. I would like the Teachers just to access the Curric Server, but the Admin Server is also in the same Vlan as the Curric Server so I can't use an ACL to deny it access as of course this will deny them access to the Curric Server. So is there a way to do this as well?

Thanks
ASKER CERTIFIED SOLUTION
Avatar of John Meggers
John Meggers
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dan4132
dan4132
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Cool thanks for the reply. Ok I will keep DHCP and DNS in a seperate VLAN so as not to get them denied by the ACL's. Of course I over looked that. I can add in permit to specific IP's.. I have been denying the whole lot!!! Jeeze.. I have just over looked all of this...Thanks for your advice man