3com 5500 Access Control List Help

(OP)
We have a couple of 3com 5500 switches with a couple of different vlans between 2 buildings. We also have a wx2200 wireless controller. We have vlan 1, 2, 3, 4, 5, 6, 7. Vlan 7 is a guest vlan for wireless access. Vlan 6 is wireless for staff, the other vlans are wired jacks for various departments. Say vlan 7 has an ip range of 10.0.10.0 255.255.255.0, that vlan should not access any other vlans on the network. Instead of creating an ACL with a bunch of rules for the different IP segments of each VLAN, is it possible to create an ACL like this for example:

ACL 3000
rule 1 permit ip source 10.0.10.0 0.0.0.255 destination 10.0.30.254 0.0.0.255
rule 2 deny ip source 10.0.10.0 0.0.0.255 destination any

then apply that rule to each VLAN? In my mind with this setup I am thinking that any time an IP address from the guest vlan segment tries to enter one of those other vlan segments, it will be blocked. The guest vlan should only be able to hit the web. The permit rule would be the ip address going to the router.

Thank you for your help
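
The following is an added example, not part of the original post: a small Python model of wildcard-mask matching that runs the two rules quoted above against a few packets. It assumes the rules are checked in rule-ID order with the first match deciding; every address other than 10.0.10.0 and 10.0.30.254 is constructed for illustration.

```python
import ipaddress

# The two rules from the post: (rule id, action, source, source wildcard,
# destination, destination wildcard). "any" = 0.0.0.0 / 255.255.255.255.
ACL_3000 = [
    (1, "permit", "10.0.10.0", "0.0.0.255", "10.0.30.254", "0.0.0.255"),
    (2, "deny",   "10.0.10.0", "0.0.0.255", "0.0.0.0",     "255.255.255.255"),
]

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """Wildcard compare: 0 bits in the wildcard must be equal, 1 bits are ignored."""
    care = ~_int(wildcard) & 0xFFFFFFFF
    return (_int(addr) & care) == (_int(base) & care)

def evaluate(acl, src, dst):
    """Return (rule id, action) of the first matching rule, or (None, "no-match").
    Assumption: rules are checked in rule-id order and the first match decides."""
    for rule_id, action, s, s_wc, d, d_wc in sorted(acl):
        if wildcard_match(src, s, s_wc) and wildcard_match(dst, d, d_wc):
            return rule_id, action
    return None, "no-match"

# Constructed sample packets (source, destination).
SAMPLES = [
    ("10.0.10.25", "10.0.30.254"),   # guest -> router address named in the post
    ("10.0.10.25", "10.0.30.17"),    # guest -> another host in 10.0.30.x
    ("10.0.10.25", "10.0.20.5"),     # guest -> a different internal segment
    ("10.0.10.25", "203.0.113.10"),  # guest -> an address outside the 10.x ranges
    ("10.0.20.5",  "10.0.30.17"),    # source outside the guest range
]

if __name__ == "__main__":
    for src, dst in SAMPLES:
        print(f"{src:>12} -> {dst:<14} {evaluate(ACL_3000, src, dst)}")
```

With a 0.0.0.255 wildcard, rule 1 matches every destination in 10.0.30.x rather than 10.0.30.254 alone, and rule 2's `destination any` also matches destinations outside the internal ranges. Traffic from other source ranges matches neither rule.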
