troubleshooting Question
Limiting a single VLAN for external access only using ACL HP Procurve
asked on
Hello Experts
I am trying to configure a switch to provide multiple vlans for users, as well as a private vlan for guest Wi-Fi. VLAN 15 has the DHCP server
VLAN 1 – Not used
VLAN A – IP set, used for clients in building A. IP helper address set
VLAN B – IP set, used for clients in building B. IP helper address set
VLAN C – IP set, used for guest Wi-Fi. IP helper address set
Currently all VLANs can talk to each other, our data center, our main office, and the internet.
I would like to limit traffic on VLAN C to only be able to go out to the internet but not reach any of our internal network. Since IP routing is enabled on the switch it is letting all traffic pass. I know I will have to use an ACL to limit this but I don’t quite understand ACL’s.
Ideally I would like to use the DHCP server on VLAN A but if that will not work I can set up another DHCP server on VLAN C. I am using a Ruckus Zone Director and access points for the Wi-Fi. This device can understand VLAN tags so in Building A the access points will be tagged with VLAN A and C, building B will be tagged with B and C.
I am using HP Procurve 2920 Layer 3 switch in both buildings A and B. The buildings are connected with a wireless bridge.
Thank you for your help,
Sam
I am trying to configure a switch to provide multiple vlans for users, as well as a private vlan for guest Wi-Fi. VLAN 15 has the DHCP server
VLAN 1 – Not used
VLAN A – IP set, used for clients in building A. IP helper address set
VLAN B – IP set, used for clients in building B. IP helper address set
VLAN C – IP set, used for guest Wi-Fi. IP helper address set
Currently all VLANs can talk to each other, our data center, our main office, and the internet.
I would like to limit traffic on VLAN C to only be able to go out to the internet but not reach any of our internal network. Since IP routing is enabled on the switch it is letting all traffic pass. I know I will have to use an ACL to limit this but I don’t quite understand ACL’s.
Ideally I would like to use the DHCP server on VLAN A but if that will not work I can set up another DHCP server on VLAN C. I am using a Ruckus Zone Director and access points for the Wi-Fi. This device can understand VLAN tags so in Building A the access points will be tagged with VLAN A and C, building B will be tagged with B and C.
I am using HP Procurve 2920 Layer 3 switch in both buildings A and B. The buildings are connected with a wireless bridge.
Thank you for your help,
Sam
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.