Setting up Private VLAN with only Internet Access

Posted on 2014-08-28
Medium Priority
Last Modified: 2014-08-28
I would like to setup a private VLAN on our network that will only have Internet access.  This would mainly be used via wireless.  Currently we have a Cisco ASA 5505 as our firewall, several Cisco 2960 switches and a Cisco 4402 Wireless Controller.

I am familiar with setting up VLANs both on the switches and wireless controller.  But what I can't figure out is how to make that VLAN have no access to any other VLAN but still have internet access.  I am thinking ACLs, but not sure where to start, I've not really every played with them.

Thanks in Advance!
Question by:Railroad
LVL 50

Accepted Solution

Don Johnston earned 2000 total points
ID: 40290944
Probably the easiest would be to use an ACL on the 5505.  Just create an ACL that denies traffic to the local networks and a "permit any" at the end.

Author Closing Comment

ID: 40291004
I make the ACL on our core 3560 switch by creating the ACL:

ip access-list extended Guest
 deny   ip any
 permit ip any any

and applying it to the VLAN interface:

interface Vlan51
 description Wireless Network
 ip address
 ip access-group Guest in

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How does someone stay on the right and legal side of the hacking world?
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question