Meraki

Community

Access Control List

SirAndre
Comes here often
‎Apr 30 2019 1:09 PM
‎Apr 30 2019 1:09 PM

Access Control List

Good Afternoon, 

 

Im having issues Places ACL's. I have a Vlan that i would like to block from communicating with other Vlans. but would like to allow all other Vlans to access the blocked Vlan. where should i create these rules.

 

Example.

 

block vlan 5 from seeing other vlans

allow vlan 1 to send and receive to vlan 5

0 Kudos
3 Replies 3
jdsilva
Kind of a big deal
‎Apr 30 2019 2:09 PM
‎Apr 30 2019 2:09 PM

@SirAndre wrote:

where should i create these rules.

What choices do we have? What devices are in your network that can enforce ACLs?

http://blog.brokennetwork.ca | @jdsilva
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 30 2019 6:10 PM
‎Apr 30 2019 6:10 PM

If you only have MS devices then the rules have to be symmetric.  If VLAN1 is allowed to talk to VLAN5, then VLAN5 has to be allowed to talk to VLAN1.  This is because ACLs in MS switches are stateless.

 

You would need a firewall to create statefull based ACLs.

In response to PhilipDAth
Nick
Head in the Cloud
‎May 1 2019 1:42 AM
‎May 1 2019 1:42 AM

Branching this off slightly - if you have MS switches doing the VLAN's and an MX in place as well. I am guessing you'd need to route the VLAN's back to the MX to achieve such results?
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.