Header Only - DO NOT REMOVE - Extreme Networks
Question

HOW TO BLOCK PING INTERVLAN IP ADDRESS

  • 3 May 2019
  • 1 reply
  • 374 views

HOW TO BLOCK PING INTERVLAN IP ADDRESS

1 reply

Userlevel 5
Hello Prasanna,

You can do couple of things depending on devices you have:
  • ACLs (Policy - EXOS) at the router (edge) for each VLAN to block communication with all other VLANs as a destination (by subnet) (can grow but AFAIK ACL zones in EXOS could be helpful for instance, never played with that yet), or for the entire switch to block combinations of source and destination IPs,
  • ACL at the router for each VLAN to block ICMP echo at all and only allow gateway ping as a higher precedence rule,
  • PVLAN - VLAN Translation (EXOS and maybe others as well).
Hope that helps,
Tomasz

Reply