Hello, I am trying to reduce the scope of PCI cardholder data-carrying networks. I have a POS system that I would like to completely isolate from everything except the firewall. I have a Catalyst 4500 switch. Right now I have no access lists in place. Is such a thing possible?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Isolate a single port from rest of switch?
- Thread starter sstoppel
- Start date
- Thread starter
- #4
Supervisor is what I meant, but yeah, that answered the question.
The vlan idea is the way to go.
switchport access vlan 21
!
int vlan 21
ip add x.x.x.x y.y.y.y
!
ip routing
!then on the trunk, if pruning, allow it also.
/
tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
The vlan idea is the way to go.
switchport access vlan 21
!
int vlan 21
ip add x.x.x.x y.y.y.y
!
ip routing
!then on the trunk, if pruning, allow it also.
/
tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
- Status