[c-nsp] Disable some routing

Daniel Hooper dhooper at emerge.net.au
Wed Jun 6 08:16:04 EDT 2007


Maybe some config snippets from your router and switch might help, I am having trouble trying to see whats going on with this one.
 
At a guess you might want to enable VRF's ... VRF's will allow each interface on the router to have it's own routing table and not route between vlans, you could also use ACL's if you need some amount of access between the VLAN's.
 
Probably what you need to google for is intervlan routing.
 
-Dan

________________________________

From: cisco-nsp-bounces at puck.nether.net on behalf of Bernd Ueberbacher
Sent: Wed 06/06/07 5:47 PM
To: cisco-nsp
Subject: [c-nsp] Disable some routing



Hi there!

I've got a bit of a strange question...
I have a small Cisco Router with some VLANs and a Catalyst behind. If I
connect one office to the switch in a seperate VLAN with an official IP
address, the person can reach everything, but in my case (or the general
case?) a bit too much. One VLAN on the switch and the Router is for
management, with 10.0.0.0/24, but as the router is doing what it is
supposed to do, he routes everything for this network, as the router
also has an IP in this network. A person in the office can now ping,
telnet, ... into my management network. If I remove the IP address from
the routers VLAN, the problem is "solved", but not the way I want it to
be solved *G*

I hope you understand my problem, because it's somehow hard to explain
and even harder to search for in google ;-)


Thanks and have a nice day,
Bernd



_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list