Question:
Inter Vlan routing restriction...?
2012-07-15 02:27:51 UTC
Hello guys..
I would like to create a vlan network where I can give access to some users to communicate with other vlan rather than everyone. For example just imagine that your office have two department sales and accounting..you have created two vlans naming sales and accounts. Both of the department have two GM. Now in your network only GM of both department will have the access to communicate with other department rather than each and everyone of the department to communicate with each other.
Need some solution...
Thanks in advance
Three answers:
PCeeze
2012-07-17 16:25:32 UTC
Sales - ordinary users

ip 192.168.10.x

subnetmask 255.255.255.0

def gw 192.168.10.1



Sales - GM

ip 192.168.10.x

subnetmask 255.255.0.0

def gw 192.168.10.1



Accounting - ordinary users

ip 192.168.20.x

subnetmask 255.255.255.0

def gw 192.168.20.1



Accounting - GM

ip 192.168.20.x

subnetmask 255.255.0.0

def gw 192.168.20.1



where x is a number from 2 to 254 being unique to any computer in a department
2012-07-18 10:22:06 UTC
hi, mohammad-

not only will you need to create different vlans for each group (each vlan using a unique IP subnet), but you will also have to implement some security to limit the communication between the two vlans (as per your question). a simple way to do this is to use an access-list on your router. since the router is required for the inter-vlan routing anyway, you can apply access-lists on the vlan interfaces to limit which IPs can access which IPs.



you should watch these two video tutorials for more details:



1. inter-vlan routing: http://www.bosscbt.tv/icnd2/inter-vlan-routing/

2. access-lists (8 videos) : http://www.bosscbt.tv/ccna-2/ccna-icnd2-tutorial-index/implementing-ip-routing/



good luck!
2016-10-31 13:40:10 UTC
i imagine the substantial distinction is value, in inter-vlan routing you many times have a router with 2 ethernet ports, or maybe 2 routers, a million on each vlan and they are appropriate mutually. yet with router-on-a-stick you're able to have a million router with a million ethernet port.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...