3COM VLAN

Does created VLANs route by itself by default ? I have created few VLANs and it can communicate within each VLAN. Any idea ?

Tks
Configuration.txt
AXISHKAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Anthony CarterCommented:
If it is anything like HP Procurve, all VLANs can talk to all VLANs by default.  You need to configure acls in the Layer3 switch to stop the hopping between VLANs.

The Layer3 switch automatically has a route map.  If it knows about all 3 VLAN's, it knows how to route them.  Apply ACLs to prevent traffic between them.

Have a look at: http://www.h3c.com/portal/Technical_Support___Documents/Technical_Documents/WLAN/Access_Controller/H3C_WX3000_Series_Unified_Switches/Configuration/Operation_Manual/H3C_WX3000_CG-6W103/201007/685290_1285_0.htm

specifically, Assigning an ACL to a VLAN.
0
Anthony CarterCommented:
This is a quick example I found googling:

acl number 3011
description Inbound vlan 11 traffic
rule deny ip source 10.0.11.0 255.255.255.0 destination 10.0.13.0 255.255.255.0
rule permit ip source any
quit
 
 now go into vlan interface 11 and apply the acl
 
int vlan 11
packet-filter 3011 inbound
quit

You can find more here (message 10 has the full example): http://h30499.www3.hp.com/t5/Comware-Based/Can-we-restrict-routing-between-VLANs-in-A5120-using-ACL/td-p/5398109#.Vfjcc_lVhBc
0
Budhi WitonoCommented:
on vlan-interface1
rule 10 deny ip source 10.0.23.253 destination 10.0.22.253
rule 20 deny ip source 10.0.23.253 destination 10.0.21.253
rule 30 deny ip source 10.0.23.253 destination 10.0.20.253

on vlan-interface10
rule 10 deny ip source 10.0.22.253 destination 10.0.23.253
rule 20 deny ip source 10.0.22.253 destination 10.0.21.253
rule 30 deny ip source 10.0.22.253 destination 10.0.20.253

so on interface 100, 200
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AXISHKAuthor Commented:
Tks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.