Block inter-VLAN traffic

[disturbedone]

I have a Catalyst 4507 with multiple VLANs. For example VLAN5 is for printers and is 10.5.0.0/16 and VLAN61 is for personal WiFi devices and is 10.61.0.0/16.

I would like to block access from these personal devices to printers. How can this be achieved?

 

[imbadatthis]

create an access lists put it on the :
standard list : put it on the destination interface
ext acl : put it on the originating interfaces.


ex: ip access-list ext thisismystupidlist-ACL
deny ip 10.61.0.0 0.0.255.255 10.5.0.0 0.0.255.255
!next line is bad actually try to use the right ip addresses and take the time to make a decent list.
permit any any


int vlan 61
ip access-group thisismystupidlist-ACL in

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

 

[burtsbees]

Still twirling toward infinity...lol

:O



ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY