If you were Registered and logged in, you could reply and use other advanced thread options
|
Posted by Vincent on February 11, 2009, 10:00 pm
Please excuse me if this is a dumb question, but I am going to ask
anyhow (I am a novice). If I have multiple switches plugged into the
switch ports on the back of a Cisco 871 router, is it possible to
filter the traffic that travels between these two ports? So, all of
the computers on this hypothetical network would be on the same
subnet, but hosts with IP addresses from 192.168.0.50-192.168.0.100
would be accessible from the switch attached to one of the Cisco
switch ports and hosts with IP addresses from
192.168.0.101-192.168.0.150 would be accessible from another switch
attached to a different switch port on the Cisco router. Can the
traffic between these two address ranges be filtered by the Cisco
router? I do understand the typical way of doing this would be to
utilize VLANs, but this requires the rather expensive "Advanced IP
Services" IOS. Thanks.
Vincent
|
|
Posted by Thrill5 on February 12, 2009, 1:19 am
> Please excuse me if this is a dumb question, but I am going to ask
> anyhow (I am a novice). If I have multiple switches plugged into the
> switch ports on the back of a Cisco 871 router, is it possible to
> filter the traffic that travels between these two ports? So, all of
> the computers on this hypothetical network would be on the same
> subnet, but hosts with IP addresses from 192.168.0.50-192.168.0.100
> would be accessible from the switch attached to one of the Cisco
> switch ports and hosts with IP addresses from
> 192.168.0.101-192.168.0.150 would be accessible from another switch
> attached to a different switch port on the Cisco router. Can the
> traffic between these two address ranges be filtered by the Cisco
> router? I do understand the typical way of doing this would be to
> utilize VLANs, but this requires the rather expensive "Advanced IP
> Services" IOS. Thanks.
> Vincent
On switchports you can only filter based on MAC addresses, not IP addresses.
I've never tried to do this on an 871 before, so I don't even know if VACLs
(switchport ACLs) are supported. Not sure what you call "rather expensive"
but "Advanced IP Services" for an 871 lists for $150 which, for Cisco, is
cheap!!!
|
|
Posted by Vincent on February 12, 2009, 10:21 am
> > Please excuse me if this is a dumb question, but I am going to ask
> > anyhow (I am a novice). =A0If I have multiple switches plugged into the
> > switch ports on the back of a Cisco 871 router, is it possible to
> > filter the traffic that travels between these two ports? =A0So, all of
> > the computers on this hypothetical network would be on the same
> > subnet, but hosts with IP addresses from 192.168.0.50-192.168.0.100
> > would be accessible from the switch attached to one of the Cisco
> > switch ports and hosts with IP addresses from
> > 192.168.0.101-192.168.0.150 would be accessible from another switch
> > attached to a different switch port on the Cisco router. =A0Can the
> > traffic between these two address ranges be filtered by the Cisco
> > router? =A0I do understand the typical way of doing this would be to
> > utilize VLANs, but this requires the rather expensive "Advanced IP
> > Services" IOS. =A0Thanks.
> > Vincent
> On switchports you can only filter based on MAC addresses, not IP address=
es.
> I've never tried to do this on an 871 before, so I don't even know if VAC=
Ls
> (switchport ACLs) are supported. =A0 Not sure what you call "rather expen=
sive"
> but "Advanced IP Services" for an 871 lists for $150 which, for Cisco, is
> cheap!!!- Hide quoted text -
> - Show quoted text -
Where are you seeing a price of $150 for this IOS? I thought it was
over $1,000. Thanks.
Vincent
|
|
Posted by Doug McIntyre on February 12, 2009, 1:40 pm
>> > Please excuse me if this is a dumb question, but I am going to ask
>> > anyhow (I am a novice). =A0If I have multiple switches plugged into the
>> > switch ports on the back of a Cisco 871 router, is it possible to
>> > filter the traffic that travels between these two ports? =A0So, all of
>> > the computers on this hypothetical network would be on the same
>> > subnet, but hosts with IP addresses from 192.168.0.50-192.168.0.100
>> > would be accessible from the switch attached to one of the Cisco
>> > switch ports and hosts with IP addresses from
>> > 192.168.0.101-192.168.0.150 would be accessible from another switch
>> > attached to a different switch port on the Cisco router. =A0Can the
>> > traffic between these two address ranges be filtered by the Cisco
>> > router? =A0I do understand the typical way of doing this would be to
>> > utilize VLANs, but this requires the rather expensive "Advanced IP
>> > Services" IOS. =A0Thanks.
>> > Vincent
>> On switchports you can only filter based on MAC addresses, not IP address=
>es.
>> I've never tried to do this on an 871 before, so I don't even know if VAC=
>Ls
>> (switchport ACLs) are supported. =A0 Not sure what you call "rather expen=
>sive"
>> but "Advanced IP Services" for an 871 lists for $150 which, for Cisco, is
>> cheap!!!- Hide quoted text -
>> - Show quoted text -
>Where are you seeing a price of $150 for this IOS? I thought it was
>over $1,000. Thanks.
CDW part # 1004750 for $119.99
Although you'd probably have to call and talk to them, they list
'call' instead of 'in stock' like the IP Enterprises part # is listed as.
|
| Similar Threads | Posted | | how to monitor traffic going through a switch port | November 18, 2009, 3:36 pm |
| How do I filter VPN traffic? | April 26, 2006, 5:59 am |
| How to filter mirrored traffic? | April 27, 2009, 11:43 am |
| Access List Qs: Filter Traffic Between VLANs | February 11, 2007, 6:03 pm |
| MAC Filter with 2950 switch..How? | March 15, 2007, 5:18 pm |
| port flapping and web filter | June 21, 2006, 10:01 am |
| Filter traffic by MAC Address : Cisco 2960/3750 Switches | March 25, 2009, 6:42 am |
| Port mirroring in HP 2626-pwr 24 port switch | October 25, 2005, 2:01 am |
| Change routing port to switch port | March 5, 2008, 4:53 am |
| Switch for collecting traffic | July 22, 2004, 12:27 am |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map
> anyhow (I am a novice). If I have multiple switches plugged into the
> switch ports on the back of a Cisco 871 router, is it possible to
> filter the traffic that travels between these two ports? So, all of
> the computers on this hypothetical network would be on the same
> subnet, but hosts with IP addresses from 192.168.0.50-192.168.0.100
> would be accessible from the switch attached to one of the Cisco
> switch ports and hosts with IP addresses from
> 192.168.0.101-192.168.0.150 would be accessible from another switch
> attached to a different switch port on the Cisco router. Can the
> traffic between these two address ranges be filtered by the Cisco
> router? I do understand the typical way of doing this would be to
> utilize VLANs, but this requires the rather expensive "Advanced IP
> Services" IOS. Thanks.
> Vincent