VLAN separation with common access to one vlan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-11-2017 10:34 AM
Hello,
our customer has 18 tenants in a building which share a common it infrastructure. Each tenant should be able to access the common resource telephone system and internet. The tenant networks should be separated.
What I did:
a vlan for each tenant with an ip address as a tenant gateway
ipforwarding for all vlans
Is there a possibility to separate the tenant networks, without for each tenant a traffik deny for all other tenants to place?
Switch: X460 G2, FW: 22.3.1.4
Software: NetSight
Thanks in advance
Best Regards
Juergen Graefe
our customer has 18 tenants in a building which share a common it infrastructure. Each tenant should be able to access the common resource telephone system and internet. The tenant networks should be separated.
What I did:
a vlan for each tenant with an ip address as a tenant gateway
ipforwarding for all vlans
Is there a possibility to separate the tenant networks, without for each tenant a traffik deny for all other tenants to place?
Switch: X460 G2, FW: 22.3.1.4
Software: NetSight
Thanks in advance
Best Regards
Juergen Graefe
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-17-2017 09:41 AM
This it what I used ... ACLs are very easy with Extreme Networks 🙂
It's not the case with Cisco ...
Anyway your problem was solved : Great !
It's not the case with Cisco ...
Anyway your problem was solved : Great !
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-17-2017 08:03 AM
I have solved the problem by having ipforwarding enabled for all vlans and
for each tenant I has created an access list with a mutual exclusion.
Thanks for replay
for each tenant I has created an access list with a mutual exclusion.
Thanks for replay
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 01:34 PM
Is it what you are looking for ?
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-private-vlan
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-private-vlan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-11-2017 11:21 AM
Thanks pascal for your replay.
I have private vlan "inet" configured
create private-vlan InetPriv
configure private-vlan InetPriv add networkv "Inet"
If I then try to add a tenant vlan as "non-isolated"
configure private-vlan InetPriv add subscriber "ForIB" non-isolated
I get the error "Subscriber VLAN can not have ip address Configured"
This IP address I need, but nevertheless the routing for this tenant works?
I have private vlan "inet" configured
create private-vlan InetPriv
configure private-vlan InetPriv add networkv "Inet"
If I then try to add a tenant vlan as "non-isolated"
configure private-vlan InetPriv add subscriber "ForIB" non-isolated
I get the error "Subscriber VLAN can not have ip address Configured"
This IP address I need, but nevertheless the routing for this tenant works?
