Hello,
on my LAN, most network devices use default VLAN and have ip address from range 10.10.1.X with subnet mask 255.255.240.0.
However, there exists several restricted VLANs with ip address range
10.10.10.X , subnet mask 255.255.255.240. Restricted VLANs are protected by ACL, but as you can see they are also in ip address range of default VLAN.Is this ok thing to have? Can they be restricted enough with ACL regardless they are in default ip address range?
Thank you.
This seems like a confusing setup, I don't understand why they've done it this way. But I think it should work. VLANs prevent direct communication between the devices in the default VLAN and the restricted VLANs, they would have to go through the routing module. Unless you have proxy-ARP enabled on the router, the devices in the default VLAN won't even try to use it -- they think the restricted subnets are directly reachable.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.