06-12-2023 01:15 AM
Good morning, I am looking for a way to block intra-VLAN traffic.
I have a couple of 5520 as core and a lot of X440G2 as access.
I have a VLAN that is configured over all switches.
It can communicate with the Internet and other VLANs, but the users on this VLAN cannot communicate with each other.
Probably private VLAN is the right way, but I cannot configure it on the core switch (because the subscriber VLAN has an IP address configured).
Does anyone know how to solve this?
Thanks
Giuseppe
06-12-2023 05:39 AM
Take a look at port isolation for the core switch, very simple.
Ports with isolation set to on cannot communicate with each other.
06-14-2023 05:41 AM
I used a dynamic ACL 😞 but I am not sure it is the right way (it works, but I do not like it).
I also tried to block traffic between VLANs in only one way:
source 192.168.199.0 to destination 192.168.188.0 DENY
source 192.168.188.0 to destination 192.168.199.0 PERMIT
If I create the first dynamic ACL, I deny all traffic (ingress and egress) between these VLANs, and this is not what I need.
Giuseppe
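An added example, not part of any post in this thread: a small Python model of a stateless, first-match packet filter showing why the two rules above stop sessions in both directions, and how a deny limited to new TCP connections behaves instead. The /24 masks, host addresses, default-permit behaviour and the `new_conn_only` match are assumptions of the model, not switch syntax.

```python
import ipaddress
from dataclasses import dataclass

# /24 masks are an assumption; the post gives only the network addresses.
NET_199 = ipaddress.ip_network("192.168.199.0/24")
NET_188 = ipaddress.ip_network("192.168.188.0/24")

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    syn: bool = False
    ack: bool = False

@dataclass(frozen=True)
class Rule:
    src: object
    dst: object
    action: str                  # "permit" or "deny"
    new_conn_only: bool = False  # hypothetical match: TCP SYN without ACK only

    def matches(self, p):
        if ipaddress.ip_address(p.src) not in self.src:
            return False
        if ipaddress.ip_address(p.dst) not in self.dst:
            return False
        return not self.new_conn_only or (p.syn and not p.ack)

def evaluate(rules, pkt):
    """Stateless, first match wins; unmatched packets are permitted (model assumption)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "permit"

def tcp_session_works(rules, client, server):
    """A TCP session needs SYN, SYN-ACK and ACK to all pass the filter."""
    handshake = [Packet(client, server, syn=True),
                 Packet(server, client, syn=True, ack=True),
                 Packet(client, server, ack=True)]
    return all(evaluate(rules, p) == "permit" for p in handshake)

# The two rules as posted: the deny also drops replies from 199 back to 188.
AS_POSTED = [Rule(NET_199, NET_188, "deny"), Rule(NET_188, NET_199, "permit")]
# Hypothetical variant: deny only new connections opened from 199 towards 188.
ONE_WAY = [Rule(NET_199, NET_188, "deny", new_conn_only=True),
           Rule(NET_188, NET_199, "permit")]

HOST_188, HOST_199 = "192.168.188.10", "192.168.199.20"  # constructed hosts
```

The flag-based variant only covers TCP; UDP and ICMP carry no connection flags, so one-way policy for them needs a stateful device.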
06-12-2023 02:16 AM
Thanks, can you give me an example?
Giuseppe
06-12-2023 02:09 AM
I would build an IP ACL that redirects all IP packets to the default gateway IP of choice ... drop all other IP packets.