Cisco 3550 EMI Acl's and VLANs

Discussion in 'Cisco' started by Nick, Sep 20, 2004.

  1. Nick

    Nick Guest

    Hi,

    I need to be pointed in the right direction as I'm both a newbie to
    Cisco and I've found myself stuck in what seems to be a simple
    problem.

    I've successfully set up a Cisco 3550 with EMI software. The switch is
    up and running and is currentely only using 2 ports.

    One port acts as an "uplink" port to the corporate network. All of our
    network resources are in the IP range of e.g. 10.32.0.0 (except
    Internet ofcourse), there's a default route in the 3550 for that.

    Now....

    I'm adding other network resources to the switch and for each resource
    that physically connects to the switch, I create a VLAN for it and do
    all the routing. So far, so good...

    When I connect an extra network resource to the switch, i.e. a router
    I'm able to ping resources on other ports/VLANs.

    Example.

    Port 1 -> Connected to a router with a VLAN that it's a member of
    (VLAN100)
    Port 2 -> Connected to a router with a VLAN that it's a member of
    (VLAN101)

    Resources on port 1 can ping/connect to resources on port 2.

    They are not member of the same VLAN, and they're in seperate subnets.

    Let's say that my network on Port 1 is 10.1.1.0 and Port 2 is
    10.1.2.0. I don't want these to be able to communicate with eachother.

    These networks are only allowed to access hosts on the corporate
    network through port 24 (uplink) and only to access the 10.32.0.0
    network. (There is a 10.33.0.0 for DMZ, although not relevant here)

    This is a simple problem for someone that knows how to do it...

    Any pointers in the right direction as well as hints is much
    appreciated.


    Best Regards,

    Nick
     
    Nick, Sep 20, 2004
    #1
    1. Advertising

  2. Nick

    mh Guest

    Configure ACL's on each "downstream" interface to allow/deny the
    traffic flows that you want
     
    mh, Sep 21, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. desdronox
    Replies:
    1
    Views:
    2,938
    Terry Baranski
    Jul 10, 2003
  2. JohnNews
    Replies:
    10
    Views:
    6,761
    One Step Beyond
    Oct 20, 2003
  3. Steinar Haug
    Replies:
    0
    Views:
    749
    Steinar Haug
    Oct 20, 2003
  4. Bombay CCIE Study Group 2005

    Cisco Catalyst 3550-24 SMI to EMI conversion

    Bombay CCIE Study Group 2005, Feb 15, 2006, in forum: Cisco
    Replies:
    0
    Views:
    934
    Bombay CCIE Study Group 2005
    Feb 15, 2006
  5. MasterOfComboBoxes

    acl to separate VLANs 3550

    MasterOfComboBoxes, Oct 1, 2007, in forum: Cisco
    Replies:
    2
    Views:
    1,099
    thort
    Oct 2, 2007
Loading...

Share This Page