I have a 3560 with multiple VLANs, IP routing is enabled between VLANs - all works well. The default gateway on the 3560 is set to my firewalls IP address, and internet traffic is correctly routed.
Is it possible to isolate one of the VLANs so that it is not routed with the others, but still have internet traffic on the isolated VLAN routed to the default gateway?
Put an ACL on the VLAN interface ('in') that denies traffic destined to other VLANs, with a permit ip any any on the end. This will block communications to your other networks, and allow what you want.
Thanks Trendkill :-)
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.