VLANs Cisco Security


i want to know how to secure my network.

I have switches for users on each floors, they belong to the same VTP domain distribute by my network core which is a catalyst 4006.

So i create all my vlan's on it and use the routing module integrated on the 4006 to route vlans, the problem is that if i don't change anything everything is routed, the switches are all on the VLAN 1 and my user in VLAN 2 and i don't want to allow traffic between those 2 VLAN's.

What is the best way to do that ? Policy routing, ACLS... can you give some help


Reply to
Loading thread data ...


You can do inter-vlan routing and use VACL's for denying the VLAN 2 access from VLAN1 and vice versa


Shnooky wrote:

Reply to

vlan acl on the switches inbound acl applied on interface vlan 1 to to permit only vlan 1 subnet addresses or deny vlan 2 subnet addresses.

Shnooky wrote:

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.