May 2nd, 2012 12:00

Vlans

I have set up three Dell PowerConnect 6224 switches in a stack. I have configured three VLANs:

1. management

2. Vmtraffic

3. iSCSI

I have configured the IP addresses for all three VLANs. I have enabled routing just to see if I am able to ping machines in the VLANs, and this is working fine from HyperTerminal. My problem is: how do I now separate iSCSI so that the general population does not access it? How do I set the ports on the switch so that I am able to manage the VLANs, and how do I connect the general population on the LAN?

802 Posts

May 2nd, 2012 12:00

You can use ACLs to isolate traffic on your switch. Once you have the different VLANs talking to each other freely throughout your network, you would write and apply an ACL to block certain traffic.

ACL Overview

Access Control Lists (ACLs) filter network traffic by controlling whether packets are forwarded or blocked at the switch's interfaces. The switch examines each packet to determine whether to forward or drop it, based on the criteria specified by the Access Control Entries (ACEs). ACEs are the statements that define what the switch will do with a packet if it matches one of the filters. Multiple ACEs make up an ACL.

You can create both MAC-based and IP-based ACLs on PowerConnect switches. Regardless of which one you create, there are three main steps to creating and implementing ACLs, as shown below:

Step 1 - Create IP / MAC ACL

  • Enter ACL configuration mode by defining a new IP or MAC ACL.

Step 2 - Create ACE statements

  • Define ACEs within the ACL.
  • Exit the ACL Configuration Mode.

Step 3 - Define the ACL on an interface

  • Enter the Ethernet Interface configuration mode for the interface you want to define.
  • Attach the ACL to the interface with the service-acl command.
  • Exit the Ethernet Interface configuration mode.

Sample config:

console# config
console(config)# access-list ip-acl deny ip 172.16.101.10 0.0.0.0 172.16.101.70 0.0.0.0 eq 23
console(config)# access-list ip-acl deny ip 172.16.101.10 0.0.0.0 172.16.101.70 0.0.0.0 eq 80
console(config)# access-list ip-acl permit every
console(config)# interface ethernet 1/g1      (62xx or pre-4.x firmware)
console(config)# interface gi1/0/1            (70xx or 4.x firmware)
console(config-if-1/g1)# ip access-group ip-acl in
console(config-if-1/g1)# end
console#

Hope this helps,

Please keep us updated.
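Applying the three steps above to the asker's layout, as an added example that is not from the original post or from Dell's documentation: an ingress ACL on a general-population access port that denies traffic toward the iSCSI subnet and permits everything else. The addressing (Vmtraffic VLAN 10.0.1.0/24, iSCSI VLAN 10.0.3.0/24), the ACL name and port 1/g5 are constructed placeholders; lines beginning with "!" are annotations, not commands.

```console
! Added example (not from the original post or Dell docs); "!" lines are annotations.
! Constructed addressing: Vmtraffic VLAN = 10.0.1.0/24, iSCSI VLAN = 10.0.3.0/24.
! Port 1/g5 is assumed to be an access port in the general-population VLAN.
console# configure
! Step 1 + 2: one ACE that drops anything from the user subnet to the iSCSI subnet,
! followed by "permit every" so all other traffic keeps flowing (ACEs match top-down).
console(config)# access-list block-iscsi deny ip 10.0.1.0 0.0.0.255 10.0.3.0 0.0.0.255
console(config)# access-list block-iscsi permit every
! Step 3: bind the ACL inbound on the user port (repeat for every general-population port).
console(config)# interface ethernet 1/g5
console(config-if-1/g5)# ip access-group block-iscsi in
console(config-if-1/g5)# exit
console(config)# exit
! Check the ACEs and their order, then save so the rule survives a reboot.
console# show ip access-lists block-iscsi
console# copy running-config startup-config
```

Because the ACL is applied inbound on a port, it only filters what enters that port, so every port where general users connect needs it, and a test ping from a user port to an iSCSI host should fail while normal traffic still works.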

9.3K Posts

May 2nd, 2012 13:00

Another option: if you don't plan on doing replication between your iSCSI SAN and another iSCSI SAN, just remove the IP from that VLAN and remove any routes, and there's no way in (or out), which is best for iSCSI (unless you are doing replication).
