If you can a Cisco switch like 3550 or 6500 you can implement VACLs. Any packets entering the VLAN or exiting will be checked against configured VLAN mappings (or VACLS).
The only thing to remember is if a packet is not matched against a sequence the following sequence. If the packet gets through your ACL to the without a match clause then it will be dropped. Here is a URL to check out: http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration _guide_chapter09186a0080160a7e.html It works on the 3550 to. Bob. -----Original Message----- From: LINKCRAFT [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 03, 2003 12:52 AM To: [EMAIL PROTECTED] Subject: VLAN security I have a leased line network with few VLAN configured, may I know how can I implement the security in order to prevent hacking from one VLAN to another VLAN or from internet. There is no firewall installed in the network. Can I implement firewall? If affirmative, how can I protect between each VLAN? They don't have to access to each other. Or should I use IDS or any other tools? Is there any freeware available? Thanks/regards ===== Thanks/regards Tan Yew Kwee Linkcraft Supply & Services HP: 96959406 Fax: 67814648 __________________________________________________ Do You Yahoo!? Send free SMS from your PC! http://sg.sms.yahoo.com --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------