Filter
Top Products
Create A Secure Network With Allied Telesis Managed Layer 3 Switches 21
Protecting the user
Configuration
of edge
switches
1. Create the VLANs, specifying that they are private. Make a different VLAN for each type
of traffic that you want to control differently.
2. Add the uplink and private ports to the VLANs as tagged ports.
3. Configure any other requirements, such as a management IP address.
Configuration
of access
router
1. Create the VLANs.
2. Add the ports to the VLANs as tagged ports.
3. Enable IP.
4. Give each VLAN an IP address and turn on local proxy ARP.
5. Create classifiers and filters to decide which traffic to block.
6. Configure any other required networking features.
Example
To allow VoIP (voice) but no other traffic between clients in the above network, use the
following configuration for edge switch
1
(an AT-8648 switch in this example):
ena stp=default
set stp=default mode=rapid
delete lacp port=3-50
enable lacp
create vlan="voice" vid=101 private
add vlan=101 port=1-2,49-50 uplink frame=tagged
add vlan=101 port=3-48 frame=tagged
create vlan="video" vid=102 private
add vlan=102 port=1-2,49-50 uplink frame=tagged
add vlan=102 port=3-48 frame=tagged
create vlan="data" vid=103 private
add vlan=103 port=1-2,49-50 uplink frame=tagged
add vlan=103 port=3-48 frame=tagged
create vlan="management" vid=104 private
add vlan=104 port=1-2,49-50 uplink frame=tagged
add vlan=104 port=3-48 frame=tagged
# Give the management VLAN an appropriate IP address
enable ip
add ip int=vlan104 ip=<address-in-192.168.4.0-subnet>