Access Control List

SirAndre

Good afternoon,

I'm having issues placing ACLs. I have a VLAN that I would like to block from communicating with other VLANs, but I would like to allow all other VLANs to access the blocked VLAN. Where should I create these rules?

Example:

block VLAN 5 from seeing other VLANs

allow VLAN 1 to send and receive to VLAN 5

jdsilva


@SirAndre wrote:

where should i create these rules.


What choices do we have? What devices are in your network that can enforce ACLs?

PhilipDAth

If you only have MS devices then the rules have to be symmetric. If VLAN1 is allowed to talk to VLAN5, then VLAN5 has to be allowed to talk to VLAN1. This is because ACLs in MS switches are stateless.

You would need a firewall to create stateful based ACLs.
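
The stateless versus stateful difference described in the reply above, as an added example that is not part of the original thread and is not Meraki code. It is a simplified model of first-match packet filtering; the subnets, hosts and ports are constructed sample values, and `acl_verdict`, `StatefulFilter` and `simulate` are hypothetical names.

```python
import ipaddress
from collections import namedtuple

# Constructed sample addressing (assumption, not from the thread).
VLAN1 = ipaddress.ip_network("10.0.1.0/24")
VLAN5 = ipaddress.ip_network("10.0.5.0/24")

Packet = namedtuple("Packet", "src sport dst dport")

# The asymmetric policy the question asks for; first match wins.
RULES = [
    ("allow", VLAN1, VLAN5),
    ("deny", VLAN5, ipaddress.ip_network("10.0.0.0/8")),
    ("allow", ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("0.0.0.0/0")),
]

def acl_verdict(pkt):
    """Stateless check: each packet is judged alone, by source and destination."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    for action, src_net, dst_net in RULES:
        if src in src_net and dst in dst_net:
            return action
    return "deny"

class StatefulFilter:
    """Same rules, plus a table of flows that were allowed when initiated."""
    def __init__(self):
        self.flows = set()
    def verdict(self, pkt):
        # A packet that mirrors a tracked flow is return traffic: allow it.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow"
        action = acl_verdict(pkt)
        if action == "allow":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

def simulate():
    request = Packet("10.0.1.10", 50000, "10.0.5.20", 443)   # VLAN 1 -> VLAN 5
    reply = Packet("10.0.5.20", 443, "10.0.1.10", 50000)     # return traffic
    probe = Packet("10.0.5.20", 50001, "10.0.1.10", 22)      # VLAN 5 initiates
    fw = StatefulFilter()
    return {
        "stateless": [acl_verdict(p) for p in (request, reply, probe)],
        "stateful": [fw.verdict(p) for p in (request, reply, probe)],
    }

if __name__ == "__main__":
    print(simulate())
```

With the stateless rules the reply from VLAN 5 is dropped, so the VLAN 1 session never completes; with flow tracking the reply passes while a connection initiated from VLAN 5 is still denied.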

Nick

Branching this off slightly - if you have MS switches doing the VLANs and an MX in place as well, I am guessing you'd need to route the VLANs back to the MX to achieve such results?