Thanks for the reply, I went through the guide and it is usuable but I don't think I can cause I have a bunch of switches across the building and this configuration would force me to configure every single switch. And if there is a change on some port it need to be configured again. It looks like kind of a static approach and not very scalable.
Another thing is I don't think you can implement this using trunk ports since it only uses untagged frames so I can't use this since I'm using trunks to carry vlans to layer 2 switches.
Can't I use ACL's on the PC6248 or maybe if I turn routing off the vlan interfaces and put static routes to the ASA. I'm not familiar with the PC6248 so I don't know what it is capable of.
There is a ip routing command in global config mode, what does it do?
Thank you, the link www.dell.com/.../pwcnt_IP_ACLs.pdf was very helpfull. I have now succesfully isolated all my vlans. I just created an ACL for every vlan interface and every ACL contain a deny ACE to all the vlans, and a permit ip any any is the last ACE on every ACL.
Well the pdf above really explains it all.
Thanks again.
PS. On my previous post I was wondering about the "ip routing" command, not the "ip route" command. just to clarify.
FamousRuler
1 Rookie
•
110 Posts
0
March 5th, 2012 09:00
Thanks for the reply, I went through the guide and it is usuable but I don't think I can cause I have a bunch of switches across the building and this configuration would force me to configure every single switch. And if there is a change on some port it need to be configured again. It looks like kind of a static approach and not very scalable.
Another thing is I don't think you can implement this using trunk ports since it only uses untagged frames so I can't use this since I'm using trunks to carry vlans to layer 2 switches.
Can't I use ACL's on the PC6248 or maybe if I turn routing off the vlan interfaces and put static routes to the ASA. I'm not familiar with the PC6248 so I don't know what it is capable of.
There is a ip routing command in global config mode, what does it do?
FamousRuler
1 Rookie
•
110 Posts
0
March 6th, 2012 06:00
Thank you, the link www.dell.com/.../pwcnt_IP_ACLs.pdf was very helpfull. I have now succesfully isolated all my vlans. I just created an ACL for every vlan interface and every ACL contain a deny ACE to all the vlans, and a permit ip any any is the last ACE on every ACL.
Well the pdf above really explains it all.
Thanks again.
PS. On my previous post I was wondering about the "ip routing" command, not the "ip route" command. just to clarify.
mburke911
1 Rookie
•
39 Posts
0
December 8th, 2022 08:00
Does anyone know where dell is hiding the pwcnt_IP_ACLs.pdf document? The link doens't work and it seems it's the solution for my problem.
Thanks
DELL-Charles R
Moderator
•
4.7K Posts
0
December 8th, 2022 13:00
Hello mburke911,
I don't know that that document is available. All the links I find to it are broken. If someone in the community has it maybe they could post it.
I did find this that may be helpful:
How to configure IP ACL in DELL Networking N-Series Switches
http://dell.to/3FeebeD