Question

Policy to deny traffc between vlan

  • 1 May 2021
  • 1 reply
  • 23 views

Userlevel 1

Good Morning, a customer ask if is posible to create a policy ( on XMC ) to permit or deny the communication betwwen VLAN.

I am finding the old documentation about ACL or Policy on XOS, do you have something to help me ?

Thanks

Giuseppe


1 reply

Userlevel 6
Badge

Hi Giuseppe,

 

I’d consider to isolate inter-VLAN traffic on a routing device, using Policy rather to deny all and access specific protocols and hosts for the roles. That way the router takes care of inter-VLAN and Policy is about surgically precise access to protocols even within a VLAN, even on the same switch.

I shared some food for thoughts regarding this inter-VLAN communication issue here:

 

Hope that helps,

Tomasz

Reply