[c-nsp] how to secure a vlan?

Dan Letkeman danletkeman at gmail.com
Fri Feb 29 18:08:18 EST 2008


What would be the best way to go about securing networks on 3560 switches?

Currently i'm trunking multiple vlans between 3560's.  Each switch has
multiple connected networks and ospf is the routing protocol.

What I would like to do is secure a vlan so you can't access that
network from another vlan.  For example:  My server farm vlan is vlan
250, but I dont want the workstations from vlan 200 to access those
servers except port 21 & port 80 traffic.

I understand that I would need to do this with acl's, but im unsure
where to start.  Any examples would be helpfull.

Thanks,
Dan


More information about the cisco-nsp mailing list