I have been working at this issue for longer then i should be. ultimately im looking to apply a type of vlan security network wide only allowing vlans to access resources that they need to. in some case i only want them to access the internet. but im starting small with a vlan that will only have 1 computer on it. the requirements for this vlan are that no vlans on the network should be able to see this computer. and this computer on this vlan should not be able to see anything on the network only the internet. im looking for a detail explanation on how i might accomplish this with an extended named ACL this is what i have.. o and its a 6509 switch
first i create the ACL
(ip access-list extended TEST)
(deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255 log)
the reason i did the above like this is to cover all my vlans in one deny statement (this might be my problem but i dont know becuase i dont see any difference in behavior from if i apply the following statement . if i were only blocking the 20 vlan
(deny ip 192.168.38.0 0.0.0.255 192.168.20.0 0.0.0.255 log)
(permit ip 192.168.38.0 0.0.0.255 any log)
then i applied it to my vlan 38 interface
(ip access-group TEST in)
its not blocking any of the traffic that i want. i would like to keep away from having 30 deny statements every time i want to create an ACL vlan map. or would it be best practice to apply access mapping in this scenario. I am very new to VACL and the idea sounds confusing so if anyone knows of any good reads on it i would be very great full. thanks all
I should note to things these are the real Ips for obvious reasons but we are a class c for all other vlans and I subnetted vlan 38 to a 255.255.255.240 to give me 15 usable addresses. Just I case that matters.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail. The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're looking for how to monitor bandwidth using netflow or packet s…