VLAN Isolation

- N
- Nyerere
  
  Contact options for registered users
posted
15 years ago

Wed, Mar 4, 2009 9:08 AM

I have two VLANs (10 & 20) configured on a Catakyst 2900 switch and a Cisco 1842 router. The configuration is as follows:

Switch ! interface FastEthernet0/18 switchport access vlan10 ! interface FastEthernet0/19 switchport access vlan

20 ! interface FastEthernet0/24 switchport mode trunk

Router ! interface FastEthernet0/0.10 encapsulation dot1Q

10 ip address 192.168.10.1 255.255.255.0 ! interface FastEthernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0 !

There is no routing protocol configured. I want to stop communication between VLAN 10 annd VLAN 20 and vice-versa. How's this possible?

Regards Ayanda

Loading thread data ...

- B
- bod43
  
  Contact options for registered users
Vote on answer
posted
15 years ago

Wed, Mar 4, 2009 9:24 AM

You could have a look at:-

ip access-list ACL.blocklocal.10.in deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255 permit ip any any

ip access-list ACL.blocklocal.20.in deny ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255 permit ip any any

int FastEthernet0/0.10 ip access-g ACL.blocklocal.10.in in

int FastEthernet0/0.20 ip access-g ACL.blocklocal.20.in in

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.