Saturday, March 20, 2021

One way device discovery between VLANs on a C3560

Let me start this off by saying that in no way am I a professional or even up to snuff with networking. I'm currently a CS student who is starting to branch out into more networking / security learning paths. I'm currently an IT intern at a local library and our network specialist has tasked me with finding a way to allow devices on one VLAN to be discovered by another, but only in one direction.

Here is the scenario:

VLAN 10 - Staff VLAN

VLAN 20 - Public use computers and printers

We want to be able to manage hosts on VLAN 20 from within VLAN 10, but we don't want to allow hosts on VLAN 10 to be accessible from VLAN 20. From the research I've done, I thought we might be able to use a Reflexive ACL; however, this is not supported by our hardware. I'm sure there is a good deal of information I've left out unknowingly. Any suggestions are greatly appreciated, and I will try to clarify any details if there are questions.


