Limiting a single VLAN for external access only using ACL HP Procurve
I am trying to configure a switch to provide multiple vlans for users, as well as a private vlan for guest Wi-Fi. VLAN 15 has the DHCP server
VLAN 1 – Not used
VLAN A – IP set, used for clients in building A. IP helper address set
VLAN B – IP set, used for clients in building B. IP helper address set
VLAN C – IP set, used for guest Wi-Fi. IP helper address set
Currently all VLANs can talk to each other, our data center, our main office, and the internet.
I would like to limit traffic on VLAN C to only be able to go out to the internet but not reach any of our internal network. Since IP routing is enabled on the switch it is letting all traffic pass. I know I will have to use an ACL to limit this but I don’t quite understand ACL’s.
Ideally I would like to use the DHCP server on VLAN A but if that will not work I can set up another DHCP server on VLAN C. I am using a Ruckus Zone Director and access points for the Wi-Fi. This device can understand VLAN tags so in Building A the access points will be tagged with VLAN A and C, building B will be tagged with B and C.
I am using HP Procurve 2920 Layer 3 switch in both buildings A and B. The buildings are connected with a wireless bridge.