Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions

<!DOCTYPE html> <html xmlns:fb="//www.facebook.com/2008/fbml" xmlns:og="//opengraphprotocol.org/schema/" lang="en" xml:lang="en" class="no-touch no-js"> <head> <meta charset="utf-8"> <meta name="HandheldFriendly" content="True" /> <meta name="MobileOptimized" content="320" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="rei" content="3/2/2022 10.39am est" /> <script tyle="text/javascript" src="/content/dam/cdc/j/cdcrSwitch.js"></script> <script type="text/javascript"> if (typeof cdc === "undefined"){ cdc = {}; } cdc.localizedLang="en/us"; if (window.cdcext === undefined) { window.cdcext = {}; } cdcext.customEnvironment = "prod"; if (window.cdclocale === undefined) { window.cdclocale = {}; } cdclocale.locale = cdc.localizedLang=="en/us"?"en_us":cdc.localizedLang; </script> <script src="/c/dam/cdc/t/ctm-core.js"></script> <script> window['adrum-start-time'] = new Date().getTime(); window.environ = "prod" ; </script> <script> if (window.cpe === undefined) { window.cpe = {}; } cpe.accountName = "prod"; cpe.config = ["cinf","dsc","pps"]; cpe.hideMethod = "elements"; window.targetGlobalSettings = JSON.parse('{\x22timeout\x22:4000}'); window.targetPageParamsAll = () => JSON.parse('{\x22entity\x22:\x22{\\\x22id\\\x22:\\\x221570563500535157\\\x22,\\\x22categoryId\\\x22:\\\x22Products,Routers,TSD Products Tech Note\\\x22}\x22}'); const bullseyeLibrary = `/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/external/bullseye.js`; import(bullseyeLibrary); </script> <script src="/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/regional-mbox/regional-mbox.js"></script> <title>Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions - Cisco</title> <meta name="format-detection" content="telephone=no"> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <meta name="description" content="This article explains how to configure Inter-Virtual Local Area Network (VLAN) routing on an RV34x series router with targeted Access Control List (ACL) to restrict certain traffic. Traffic can be restricted by IP address, a group of addresses, or by protocol type. " /> <meta name="title" content="Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions" /> <meta name="documentId" content="1570136963347284" /> <meta name="templateName" content="eot" /> <meta name="PID" content="LS-RV34X-SEC-1YR=,RV340-K9-AU-RF,RV340-K9-AU,RV340-K9-G5-RF,RV340-K9-NA,RV340-K9-BR,RV340-K9-AR,RV340-K9-NA-RF,RV340-K9-CN,RV340-K9-G5,RV340-K9-KR,RV340-K8-RU,RV340-K9-IN,LS-RV34XSEC-SUB" /> <meta name="SecondaryPID" content="LS-RV34X-SEC-1YR=,RV345-K9-G5-RF,RV345-K9-G5,RV345-K8-RU,RV345-K9-BR" /> <meta property="fb:app_id" content="156494687694418" /> <meta name="ioContentSource" content="WEM" /> <meta name="concept" content="Cisco Small Business RV Series Routers" /> <meta name="secondaryConcept" content="Cisco RV340 Dual WAN Gigabit VPN Router" /> <meta name="secondaryConcept" content="Cisco RV345 Dual WAN Gigabit VPN Router" /> <meta name="docType" content="TSD Products Tech Note" /> <meta name="iaPath" content="cisco.com#Products#Cisco Products#Routers#Small Business Routers#Cisco Small Business RV Series Routers" /> <meta name="contentType" content="cisco.com#US#postSales" /> <meta name="Topics" content="SMB#VLAN Management#VLAN Settings and configuration,SMB#Family#Routers#routers-340" /> <meta name="locale" content="US" /> <meta name="language" content="en" /> <meta name="country" content="US" /> <meta name="hub" content="Enterprise Networks" /> <meta name="CCID_Page" content="cc001772" /> <meta name="date" content="Tue Sep 22 08:50:26 PDT 2020" /> <meta name="accessLevel" content="Customer" /> <meta name="accessLevel" content="Guest" /> <meta name="accessLevel" content="Partner" /> <meta name="entitlementExpression" content="contains( "0,1,2,3,4,7" , $profileField[3] )" /> <meta property="og:site_name" content="Cisco" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions" /> <meta property="og:description" content="This article explains how to configure Inter-Virtual Local Area Network (VLAN) routing on an RV34x series router with targeted Access Control List (ACL) to restrict certain traffic. Traffic can be restricted by IP address, a group of addresses, or by protocol type. " /> <meta property="og:url" content="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html" /> <link rel="canonical" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="x-default" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="pt-br" href="https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="es-mx" href="https://www.cisco.com/c/es_mx/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="ko-kr" href="https://www.cisco.com/c/ko_kr/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="it-it" href="https://www.cisco.com/c/it_it/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="ja-jp" href="https://www.cisco.com/c/ja_jp/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="de-de" href="https://www.cisco.com/c/de_de/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="fr-ca" href="https://www.cisco.com/c/fr_ca/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="ar-ae" href="https://www.cisco.com/c/ar_ae/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="nl-nl" href="https://www.cisco.com/c/nl_nl/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="zh-tw" href="https://www.cisco.com/c/zh_tw/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="zh-cn" href="https://www.cisco.com/c/zh_cn/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <link rel="alternate" hreflang="en-us" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html"/> <script src="/etc.clientlibs/clientlibs/granite/jquery.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/utils.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/jquery/granite.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/jquery.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/shared.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/underscore.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script type="text/javascript"> $CQ(function() { CQ_Analytics.SegmentMgr.loadSegments("\/etc\/segmentation"); CQ_Analytics.ClientContextUtils.init("\/c\/dnc\/etc\/clientcontext\/default", "\/content\/en\/us\/support\/docs\/smb\/routers\/cisco\u002Drv\u002Dseries\u002Dsmall\u002Dbusiness\u002Drouters\/1393\u002DInter\u002DVLAN\u002DRouting\u002Dwith\u002DTargeted\u002DACL\u002DRestrictions"); }); </script> <link rel="stylesheet" href="/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css" type="text/css"> <script src="/etc/designs/cdc/clientlibs/responsive/js/foundation.min.js"></script> <link rel="stylesheet" href="/etc/designs/cdc/fw/b/responsive/css/eot.min.css" type="text/css"> <script> sessionStorage.setItem("logOutIntermediateMessage", 'You are being logged out.'); </script>  <script type="application/ld+json"> [ { "@context": "http://www.schema.org", "@type": "WebPage", "name": "Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions", "url": "https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html", "description": "This article explains how to configure Inter-Virtual Local Area Network (VLAN) routing on an RV34x series router with targeted Access Control List (ACL) to restrict certain traffic. Traffic can be restricted by IP address, a group of addresses, or by protocol type. ", "publisher": { "@type": "Corporation", "name": "Cisco" } }] </script>    <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqx2cugez5u4jga-f-2baf1fddb-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":4,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"ab2c607","ak.r":50230,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":57280,"ak.gh":"23.39.162.18","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1739907660","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==DxdwXLttjB3vaLzNSTkKfHAWDIS7Ai9J70l0akD8vd/eozVwhIcW9fAd89m9Qsmlf7Rm7FRqoebxc7KoY+KLSe01GPLWA+kk4gNKcymegXYcdEqGJvIfZIwNfDoCwCh3WFAihOXyczN8ADZCVysSHsOe61lfUbCHjlNuu7PFqaYjUGEA/uc0HIuMraNv8rogdiaRoFBDWGId9gRNVHWapsHrQr21cJpb5yBS3E4PifW32lL1xJKC0mz0rQCOkqaF127TvA2rwl4RZ4TPyrhJ6iTS386tZVqlVcpEQeJ0jOSDkScJAT/BR3uslu31V8TPDKuJfcjF9dun48zXkedwLI2jfNLBhCQIafZ96f9xW7rciawuwWfu5sWnD9/Z+uyU8uk79nksSj//BdujuzM4LhpeapTuiZVXbfR3aELT5mo=","ak.pv":"521","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body id="wcq" class="fw-res cdc-support cdc-eot cdc-high-density cdc-full-width cdc-transform "> <div id="fw-skiplinks"> <ul class="container"> <li><a id="skiplink-content" href="#fw-content">Skip to content</a></li> <li><a id="skiplink-search" href="#">Skip to search</a></li> <li><a id="skiplink-footer" href="#fw-footer-v2" class="last">Skip to footer</a></li> </ul> </div> <script type="module" src="/site/web-components/us/en/cdc-header.js"></script> <cdc-header></cdc-header> <nav class="fw-c-header__seo-links" aria-hidden="true" style="display:none"> <ul> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/index.html">Cisco.com Worldwide</a></li> <li><a tabindex="-1" href="/c/en/us/products/index.html">Products and Services</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/solutions/index.html">Solutions</a></li> <li><a tabindex="-1" href="/c/en/us/support/index.html">Support</a></li> <li><a tabindex="-1" href="/c/en/us/training-events.html">Learn</a></li> <li><a tabindex="-1" href="//www.cisco.com/c/en/us/about/sitemap.html">Explore Cisco</a></li> <li><a tabindex="-1" href="/c/en/us/buy.html">How to Buy</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Partners Home</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/cisco-partner-program/index.html?ccid=cc000864&dtid=odiprc001129">Partner Program</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/support-help/index.html">Support</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/tools/index.html?dtid=odiprc001129">Tools</a></li> <li><a tabindex="-1" href="https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/pf/index.jsp#/">Find a Cisco Partner</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/connect-with-a-partner/index.html?ccid=cc000864&dtid=odiprc001129">Meet our Partners</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Become a Cisco Partner</a></li> </ul> </nav> <div id="fw-content" class="container grid"> <div class="row full blowout" data-owner="ID"> <div class="col full "> <nav id="fw-breadcrumb" class="data-based" aria-label="breadcrumbs" data-owner="ID"> <ul itemscope itemtype="//schema.org/BreadcrumbList"> <li aria-hidden="true"><a href='#' class="skip"><span></span></a></li> <li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/index.html'><span itemprop='name'>Support</span><meta itemprop='position' content='1' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/all-products.html'><span itemprop='name'>Product Support</span><meta itemprop='position' content='2' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/index.html'><span itemprop='name'>Routers</span><meta itemprop='position' content='3' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/small-business-rv-series-routers/series.html'><span itemprop='name'>Cisco Small Business RV Series Routers</span><meta itemprop='position' content='4' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/small-business-rv-series-routers/tsd-products-support-maintain-and-operate-technotes-list.html'><span itemprop='name'>Maintain and Operate TechNotes</span><meta itemprop='position' content='5' /></a><span class='caret'></span></li> </ul> </nav> <script> if (window.cdc === undefined) { window.cdc = {}; } if (cdc.breadcrumb === undefined) { cdc.breadcrumb = (function () { let clone = document.querySelector('#fw-breadcrumb').cloneNode(true); let appendClone = function () { let hasBreadcrumb = document.querySelector('#fw-breadcrumb') !== null, firstMarquee = document.querySelectorAll('.dmc-mq')[0]; if (!hasBreadcrumb && firstMarquee !== undefined) { firstMarquee.querySelector('.frame .inset').insertBefore(this.clone, firstMarquee.querySelector('.frame .inset').firstElementChild); } }; return { clone: clone, appendClone: appendClone } }()); } //DE380224 var anchorChild = document.getElementsByTagName("a"); for(var i=0; i<anchorChild.length; i++){ if(anchorChild[i].getAttribute("itemprop")=="item") { if ( anchorChild[i].href.includes("%3Clocale%3E") ){ let anchorChildHREF = anchorChild[i].href; let docLocale = document.querySelector('meta[name="locale"]').getAttribute('content'); let docLanguage = document.querySelector('meta[name="language"]').getAttribute('content'); var docSeparator; if ((docLocale.toLowerCase() == "us") && (docLanguage.toLowerCase() == "en")) { docSeparator="/"; } else { docSeparator="_"; } let anchorURLReplace = docLanguage.toLowerCase() + docSeparator + docLocale.toLowerCase(); anchorChildHREF = anchorChildHREF.replace("%3Clocale%3E", anchorURLReplace); anchorChild[i].setAttribute('href', anchorChildHREF); } } } </script> <h1 id="fw-pagetitle" class="" data-owner="ID">Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions</h1> </div> </div>  <div class="row blowout wide-narrow-v2 visitedlinks"> <div class="col wide-v2"> <script> if (typeof(cdc) == "undefined") cdc={}; if (typeof(cdc.translations) == "undefined") cdc.translations={}; </script> <div class="docHeaderComponent base-blowout"> <div class="linksRow"> <div class="toolbar"> <div class="noprint" id="saveModule"> <script type="text/javascript"> cdc.util.ensureNamespace("cdc.rc.savedoc"); cdc.rc.savedoc.isLoggedIn = false; cdc.rc.savedoc.save = "Save"; cdc.rc.savedoc.saved = "Saved"; </script> <button class="save" aria-expanded="false" aria-label="Save"> <label>Save</label> </button> </div> <div class="saveDocumentMessage login cdc-expandPanel" role="region" aria-live="polite"> <a href="/c/login/index.html?referer=/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html">Log in</a> to Save Content </div>   <div class="noprint translations"> <a href="#" tabindex="-1"> <button type="button" class="translations translations-link anchor translationOptions simpleOverlay-trigger"> <div class="toolbarIcon translationsIcon"></div><label class="iconLabel" id="onlyForNonEn">Translations</label> </button> </a> </div> <div class="noprint downloadDocument"><button type="button" class="view-download-list-link anchor" aria-expanded="false"><div class="toolbarIcon downloadIcon"></div><label class="iconLabel">Download</label></button></div> <div class="noprint printDocument js-only"><button type="button" class="anchor printPage" aria-label="Print"><div class="toolbarIcon printIcon"></div><label class="iconLabel">Print</label></button></div> </div> </div>  <script language="javascript"> cdc.translations.map = "{pt-br=https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, es-mx=https://www.cisco.com/c/es_mx/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, ko-kr=https://www.cisco.com/c/ko_kr/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, it-it=https://www.cisco.com/c/it_it/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, ja-jp=https://www.cisco.com/c/ja_jp/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, de-de=https://www.cisco.com/c/de_de/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, fr-ca=https://www.cisco.com/c/fr_ca/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, ar-ae=https://www.cisco.com/c/ar_ae/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, nl-nl=https://www.cisco.com/c/nl_nl/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, zh-tw=https://www.cisco.com/c/zh_tw/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, zh-cn=https://www.cisco.com/c/zh_cn/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, en-us=https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html, x-default=https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html}";//storing the map for use in the JS cdc.translations.locale="en_us"; </script> <div class="availableLanguagesList"> <h3>Available Languages</h3> <ul id="translationsList"> </ul> </div> <div id="download-list-container" class="noprint panelRow" role="region" aria-live="polite"> <div class='download-list' aria-label="Download Options"> <h3>Download Options</h3> <ul> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.pdf" class="download-pdf"><div class="fileIcon pdfIcon"></div>PDF</a> <span class="docSize">(1.3 MB)</span> <br /> <span class="description">View with Adobe Reader on a variety of devices</span> </div> </li> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.epub" class="download-epub"><div class="fileIcon epubIcon"></div>ePub</a> <span class="docSize">(1.3 MB)</span> <br /> <span class="description">View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone</span> </div> </li> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.mobi" class="download-mobi"><div class="fileIcon mobiIcon"></div>Mobi (Kindle)</a> <span class="docSize">(1.0 MB)</span> <br /> <span class="description">View on Kindle device or Kindle app on multiple devices</span> </div> </li> </ul> </div> </div> <div class="infobarClearFix"> <div class="infobar"> <div class="updatedDate"><span>Updated:</span>October 8, 2019</div> <div class="documentId"><span>Document ID:</span>1570136963347284</div> </div> <div class="disclaimers support"> <div class="disclaimerButtons"> <div class="aboutBias"> <button aria-expanded="false" >Bias-Free Language</button> </div> </div> <div class="biasfreeContent panel"> <h3>Bias-Free Language</h3> <p>The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. <a href="https://www.cisco.com/c/en/us/about/social-justice/inclusive-language-policy.html">Learn more</a> about how Cisco is using Inclusive Language.</p> </div> </div> </div> </div> <script> jQuery(document).ready(function(){ if(jQuery("body").hasClass("cdc-eot-toc") && jQuery(".cdc-eot-toc").find(".DocumentHistory").length > 0){ jQuery(".cdc-eot-toc .seeRevisions").show(); if(jQuery(window).width() >= 768){ jQuery(".cdc-eot-toc .updatedDate").nextAll(".bullet").show(); } }else{ jQuery(".cdc-eot-toc .infobar .bullet").hide(); jQuery(".cdc-eot-toc .seeRevisions"); jQuery(".cdc-eot-toc .updatedDate"); } }) </script> <script src="/etc/designs/cdc/fw/clientlibs/granite-utils.min.js"></script> <script> if (window.cdc === "undefined") window.cdc={}; if (typeof cdc.rc === "undefined") cdc.rc={}; // initialize dictionary for i18n cdc.util.ensureNamespace("cdc.rc"); cdc.rc.eotkeys = { showOnly5Products : "Show Only 5 Products", showAllRowsProducts : "Show All nRows Products", supportCommunityUrl : "https://community.cisco.com/t5/technology-and-support/ct-p/technology-support", supportCommunity : "Cisco Community", thankYou : "Thank You", viewersAlso : "Customers Also Viewed", show : "Show", more : "More", showOnly3Documents: "Show Only 3 Documents" }; </script> <div id="eot-doc-wrapper"> <html> <head> <meta charset="utf-8" /> <link rel="stylesheet" type="text/css" href="https://www.cisco.com/etc/designs/cdc/transformation/support-responsive.css"/> <style type="text/css"> /*========================= Table of Contents ========================= */ /*========================= 1. Typography 2. Layout 3. Media Query ========================= */ /*========================= 1. Typography ========================= */ #eot-doc-wrapper h2, #eot-doc-wrapper h3 { color: #2b5592; } /*========================= 2. Layout ========================= */ #eot-doc-wrapper ol { list-style-position: initial; } #eot-doc-wrapper li, #eot-doc-wrapper ul, #eot-doc-wrapper ol, #eot-doc-wrapper p, #eot-doc-wrapper kbd, #eot-doc-wrapper table, #eot-doc-wrapper video { margin-left: 40px; } #eot-doc-wrapper img { max-width: calc(100% - 80px); height: auto; margin-left: 40px; margin-right: 40px; margin-bottom: 20px; } #eot-doc-wrapper table { border-collapse: collapse; width: calc(100% - 80px); } #eot-doc-wrapper td, #eot-doc-wrapper th { border: 2px solid #dfdfdf; text-align: left; padding: 10px; border-left: solid #dfdfdf 2px; border-top: solid #dfdfdf 2px; } #eot-doc-wrapper tr { border: 2px solid #dfdfdf; text-align: left; padding: 10px; border-left: solid #dfdfdf 2px; border-top: solid #dfdfdf 2px; } #eot-doc-wrapper th { background-color: #2b5592; color: #dfdfdf; } #eot-doc-wrapper tr:nth-child(odd) { background-color: #c4d6ed; } #eot-doc-wrapper kbd { display: block; font-size: 1.25rem; height: auto; background-color: #333; color: #fff; border-radius: 10px; margin-top: 1.5em; margin-bottom: 1.5em; padding-top: 1.5em; padding-left: 1em; padding-right: 0.5em; padding-bottom: 1.5em; margin-right: 40px; } #eot-doc-wrapper td>p { margin-left: 0px; } #eot-doc-wrapper th>p { margin-left: 0px; } #eot-doc-wrapper ol, #eot-doc-wrapper ul { list-style-position: initial; } #eot-doc-wrapper th>p { margin-left: 0px; } #eot-doc-wrapper li>p { margin-left: 0px; } /*========================= 3. Media Query - This comment indicates the beginning of the media query to reformat the table element. ========================= */ @media (max-width:350px) { #eot-doc-wrapper li, #eot-doc-wrapper ul, #eot-doc-wrapper ol, #eot-doc-wrapper p, #eot-doc-wrapper kbd, #eot-doc-wrapper table, #eot-doc-wrapper video { margin-left: 0px; line-height: 0.95rem; margin-right: 0px; } #eot-doc-wrapper td>p { margin-left: 0px; margin-right: 0px; } #eot-doc-wrapper th>p { margin-left: 0px; margin-right: 0px; padding: 0px; text-align: left; } #eot-doc-wrapper table { border-collapse: collapse; width: 100%; margin-left: 0px; margin-right: 0px; } #eot-doc-wrapper td, #eot-doc-wrapper th { font-size: .85rem; border: 2px solid #dfdfdf; text-align: left; border-left: solid #dfdfdf 2px; border-top: solid #dfdfdf 2px; } #eot-doc-wrapper tr { font-size: .85rem; border: 2px solid #dfdfdf; text-align: left; border-left: solid #dfdfdf 2px; border-top: solid #dfdfdf 2px; } } </style> <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqx2cugez5u4jga-f-2baf1fddb-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":4,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"ab2c607","ak.r":50230,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":57280,"ak.gh":"23.39.162.18","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1739907660","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==DxdwXLttjB3vaLzNSTkKfHAWDIS7Ai9J70l0akD8vd/eozVwhIcW9fAd89m9Qsmlf7Rm7FRqoebxc7KoY+KLSe01GPLWA+kk4gNKcymegXYcdEqGJvIfZIwNfDoCwCh3WFAihOXyczN8ADZCVysSHsOe61lfUbCHjlNuu7PFqaYjUGEA/uc0HIuMraNv8rogdiaRoFBDWGId9gRNVHWapsHrQr21cJpb5yBS3E4PifW32lL1xJKC0mz0rQCOkqaF127TvA2rwl4RZ4TPyrhJ6iTS386tZVqlVcpEQeJ0jOSDkScJAT/BR3uslu31V8TPDKuJfcjF9dun48zXkedwLI2jfNLBhCQIafZ96f9xW7rciawuwWfu5sWnD9/Z+uyU8uk79nksSj//BdujuzM4LhpeapTuiZVXbfR3aELT5mo=","ak.pv":"521","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <h2 id="objective"><strong>Objective</strong></h2> <p>This article explains how to configure Inter-Virtual Local Area Network (VLAN) routing on an RV34x series router with targeted Access Control List (ACL) to restrict certain traffic. Traffic can be restricted by IP address, a group of addresses, or by protocol type.</p> <h2 id="introduction"><strong>Introduction</strong></h2> <p>VLANs are great, they define broadcast domains in a Layer 2 network. Broadcast domains are typically bounded by routers because routers do not forward broadcast frames. Layer 2 switches create broadcast domains based on the configuration of the switch. Traffic cannot pass directly to another VLAN (between broadcast domains) within the switch or between two switches. VLANs give you the ability to keep different departments independent from each other. For example, you might not want the sales department to have any involvement with the accounting department.</p> <p>Independence is fantastic, but what if you want the end users in the VLANs to be able to route between each other? The sales department might need to submit records or timesheets to the accounting department. The accounting department might want to send notifications to the sales team on their paychecks or sales numbers. That is when inter-VLAN routing saves the day!</p> <p>For inter-VLAN communication, an Open Systems Interconnections (OSI) layer 3 device, usually a router, is needed. This layer 3 device needs to have an Internet Protocol (IP) address in each VLAN interface and have a connected route to each of those IP subnets. The hosts in each IP subnet can then be configured to use the respective VLAN interface IP addresses as their default gateway. Once configured, end users can send a message to an end user in the other VLAN. Sounds perfect, right?</p> <p>But wait, what about the server in accounting? There is sensitive information on that server that has to stay protected. Have no fear, there is a solution to that too! Access Rules or policies on the RV34x series router allow the configuration of rules to increase security in the network. ACLs are lists that block or allow traffic from being sent to and from certain users. Access Rules can be configured to be in effect all the time or based on defined schedules.</p> <p>This article will walk you through the steps of configuring a second VLAN, inter-VLAN routing, and an ACL.</p> <h2 id="applicable-devices"><strong>Applicable Devices</strong></h2> <ul> <li>RV340</li> <li>RV340W</li> <li>RV345</li> <li>RV345P</li> </ul> <h2 id="software-version"><strong>Software Version</strong></h2> <ul> <li>1.0.03.16</li> </ul> <h2 id="topology"><strong>Topology</strong></h2> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-1.png" style="width:6.5in;height:3.39097in"/> <p>In this scenario, inter-VLAN routing will be enabled for both VLAN1 and VLAN2 so that users in these VLANs can communicate with each other. As a security measure, we will prevent VLAN2 users from being able to access the VLAN1 server [Internet Protocol version 4 (IPv4): 192.168.1.10 /24].</p> <p>Router ports used:</p> <ul> <li>The Personal Computer (PC) in VLAN1 is connected on the <em>LAN1</em> port.</li> <li>The Personal Computer (PC) in VLAN2 is connected on the <em>LAN2</em> port.</li> <li>The server in VLAN1 is connected on the <em>LAN3</em> port.</li> </ul> <h2 id="configuration"><strong>Configuration</strong> </h2> <p>Step 1. Log in to the web-configuration utility of the router. To add a new VLAN interface on the router, navigate to <strong>LAN > LAN/DHCP Settings</strong> and click on the <strong>plus icon</strong> under the <em>LAN/DHCP Settings Table</em>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-2.png" alt=""/> <p><strong>Note:</strong> The VLAN1 interface is created on the RV34x router by default and the Dynamic Host Configuration Protocol (DHCP) server for IPv4 is enabled on that.</p> <p>Step 2. A new pop-up window will open with <em>VLAN2</em> <strong>Interface</strong> selected, click <strong>Next</strong>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-3.png" style="width:6.5in;height:2.85486in"/> <p>Step 3. To enable the DHCP server on the VLAN2 interface, under <em>Select DHCP Type for IPv4</em> select <strong>Server</strong>. Click <strong>Next</strong>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-4.png" style="width:6.5in;height:2.93056in"/> <p>Step 4. Enter the DHCP server configuration parameters including <em>Client Lease Time, Range Start, Range End</em>, and <em>DNS Server.</em> Click <strong>Next</strong>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-5.png" alt="C:\Users\sparia\AppData\Local\Temp\SNAGHTML102d913.PNG" style="width:6.5in;height:6.52778in"/> <p>Step 5. (Optional) You may disable the <em>DHCP Type for IPv6</em> by selecting the <strong>Disabled</strong> check box as this example is based on IPv4. Click <strong>OK</strong>. DHCP server configuration is complete.</p> <p><strong>Note</strong>: You may use IPv6.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-6.png" style="width:6.5in;height:3.08958in"/> <p>Step 6. Navigate to <strong>LAN > VLAN Settings</strong> and verify that the <em>Inter-VLAN Routing</em> is enabled for both the VLANs, VLAN1 and VLAN2. This configuration will enable the communications between both the VLANs. Click <strong>Apply</strong>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-7.png" style="width:6.5in;height:2.08264in"/> <p>Step 7. To assign the untagged traffic for VLAN2 on the <em>LAN2</em> port, click on the edit button under the <em>VLANs to Port Table</em> option. Now, under the <em>LAN2</em> port select the <strong>T</strong> (Tagged) option for <em>VLAN1</em> and <strong>U</strong> (Untagged) option for <em>VLAN2</em> from the drop-down menu. Click <strong>Apply</strong> to save the configuration. This configuration will forward the untagged traffic for VLAN2 on LAN2 port so that the PC Network Interface Card (NIC), normally not capable of VLAN tagging, can get the DHCP IP from VLAN2 and be a part of VLAN2.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-8.png" style="width:6.5in;height:2.43681in"/> <p>Step 8. Verify that the VLAN2 settings for the <em>LAN2</em> port is showing as U <em>(Untagged)</em>. For the remaining LAN ports VLAN2 settings will <em>T (Tagged)</em> and VLAN1 traffic will be <em>U (Untagged)</em>.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-9.png" style="width:6.5in;height:2.26389in"/> <p>Step 9. Navigate to <strong>Status and Statistics > ARP</strong> <strong>Table</strong> and verify the dynamic <em>IPv4 Address</em> for the PCs are on different VLANs.</p> <p><strong>Note:</strong> The server IP on VLAN1 has been assigned statically.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-10.png" alt="C:\Users\sparia\AppData\Local\Temp\SNAGHTML1a6148d.PNG" style="width:6.5in;height:2.23254in"/> <p>Step 10. Apply ACL to restrict the server (IPv4: 192.168.1.10/24) access from VLAN2 users. To configure the ACL, navigate to <strong>Firewall > Access Rules</strong> and click on the <strong>plus icon</strong> to add a new rule.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-11.png" style="width:6.5in;height:1.88819in"/> <p>Step 11. Configure the <em>Access Rules</em> parameters. For this scenario the parameters will be as follows:</p> <ul> <li><p><em>Rule Status: Enable</em></p></li> <li><p><em>Action: Deny</em></p></li> <li><p><em>Services: All Traffic</em></p></li> <li><p><em>Log: True</em></p></li> <li><p><em>Source Interface: VLAN2</em></p></li> <li><p><em>Source Address: Any</em> </li> <li><p><em>Destination Interface: VLAN1</em></p></li> <li><p><em>Destination Address: Single IP 192.168.1.10</em> </li> <li><p><em>Schedule Name: Anytime</em></p></li> </ul> <p>Click <strong>Apply</strong>.</p> <p><strong>Note:</strong> In this example, we denied access of any devices from VLAN2 to the server, and then permitting access to the other devices on in VLAN1. Your needs may vary.</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-12.png" style="width:6.5in;height:3.13681in"/> <p>Step 12. The <em>Access Rules</em> list will show as follows:</p> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-15.png" style="width:6.5in;height:1.82847in"/> <p>The access rule is defined defined explicitly to restrict the server, 192.168.1.10, access from the VLAN2 users. </p> <h2 id="verification"><strong>Verification</strong></h2> <p>To verify the service, open the command prompt. On Windows platforms this can be achieved by clicking the Windows button and then typing <strong>cmd</strong> in the lower left-hand search box on the computer and select <strong>Command Prompt</strong> from the menu.</p> <p>Enter the following commands:</p> <ul> <li>On PC (192.168.3.173) in VLAN2, ping the server (IP: 192.168.1.10). You will get a <em>Request timed out</em> notification which means communication is not allowed.</li> <li>On PC (192.168.3.173) in VLAN2, ping the other PC (192.168.1.109) in VLAN1. You will get a successful reply.</li> </ul> <img src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions-image-14.png" alt="" style="width:5.68056in;height:6.26389in"/></a> <h2 id="conclusion"><strong>Conclusion</strong></h2> <p>You have seen the necessary steps to configure inter-VLAN routing on a RV34x series router and how to do a targeted ACL restriction. Now you can take all that knowledge and use it to create VLANs in your network that will fit your needs!</p> </body> </html> <cdc:do action="com.cisco.wem.framework.service.command.eotcontent.EOTResponsiveContent@41e6d3dc" returnTypedAs="eotResponsiveContainerVo" id="eotResponsiveContainerVo" /> <div class="row full visitedlinks" style="padding: 0px; margin:0px"> <div class="col full" > </div> </div> </div> <script> if (window.cdc === undefined) { cdc = {}; } if (cdc.eot === undefined) { cdc.eot = {}; } cdc.eot.isEot = true; cdc.eot.isToc = false; jQuery(document).ready(function () { if (jQuery('.unpublished').length > 0) { let lastRel = "1.0"; if (jQuery('.published').length > 0) { lastRel = Number(jQuery('.published td')[0].innerText) + 1 + ".0"; } jQuery('.preview_revision').text(lastRel); } const linkItemsLen = jQuery("#eot-doc-wrapper link[rel='stylesheet']").length; function addNewTocStyleSheet() { let fileName="/etc/designs/cdc/transformation/wemdcmt_responsive.css", $head = jQuery("head"), linkElement = "<link rel='stylesheet' href='"+fileName+"' type='text/css' >"; $head.append(linkElement); } if (cdc.eot.isToc && !linkItemsLen) { addNewTocStyleSheet(); } else if (cdc.eot.isEot) { jQuery("#eot-doc-wrapper link[rel='stylesheet']").each(function () { const linkTag = jQuery(this), hrefVal = jQuery(linkTag).attr("href"); if (hrefVal != undefined && hrefVal.indexOf("support-responsive.css") == -1 && hrefVal.indexOf("_responsive.css") == -1) { let fileName = hrefVal.substr(hrefVal.lastIndexOf("/") + 1, hrefVal.length).split(".css")[0]; const filePath = "/etc/designs/cdc/transformation/"; if (fileName == "ccimr") { fileName = "techdocs_responsive"; } else if (fileName == "support-docs") { fileName = "support-responsive"; } else if (fileName == "framework") { fileName = "responsiveframework"; } else if (fileName == "dcmt") { fileName = "wemdcmt_responsive"; } else if (fileName == "techdocs_85_11_word") { fileName = "techdocs_85_11_word"; if (cdc.eot.isToc) { addNewTocStyleSheet(); } } else { fileName += "_responsive"; } jQuery(linkTag).attr("href", filePath + fileName + ".css"); } if (hrefVal.indexOf("support-responsive.css") > -1) { jQuery(linkTag).attr("href", "/etc/designs/cdc/transformation/support-responsive.css"); } }); jQuery("#eot-doc-wrapper > table").wrap("<div></div>"); jQuery("#eot-doc-wrapper table:not('.olh_note')").parent().css({ overflowX: "auto" }); } }); </script> </div> <div class="col narrow-v2"> <div class="rightRailComponent base-blowout"> <div class="eotPersonalization"> <section id="eotSupportCampaign"></section> </div>   <div class="hideComponent"> <div class="tac-image"> <script type="text/javascript"> document.getElementsByClassName('tac-image')[0].parentElement.style.display="none"; </script> </div> </div> <div class="hideComponent"> <div class="eot-authors"> <ul> </ul> </div> </div>  <div class="eot-feedback-container"> <div class="eot-feedback"> <h3>Was this Document Helpful?</h3> <span class="eot-feedback-btnwrap"> <button class="eot-feedback-btn eot-feedback-btn-yes" aria-label="Was this Document Helpful?? Yes">Yes</button> <button class="eot-feedback-btn eot-feedback-btn-no" aria-label="Was this Document Helpful?? No">No</button> </span> <span lang="en" class="eot-feedback-olwrap"> <a href="javascript: void(0);" class="eot-feedback-ol" onclick="window.open('https://ciscocx.qualtrics.com/jfe/form/SV_dpqK8gJRAW2GHCC?Ref=' + location.href + '&resize=false', 'feedback', 'width=650, height=460, scrollbars=1, menubar=1, resizable=1'); return false;"> <img id="feedback_img" border="0" style="cursor: pointer;" title="Feedback" src="//www.cisco.com/c/dam/cdc/i/Feedback_OceanBlue.png" alt="Feedback">Feedback</a> </span> </div> </div> <div class="hideComponent"> <div class="eot-vav"> <ul> </ul> </div> </div> <div class="hideComponent"> <div class="eotLetUsHelp"> <h3>Contact Cisco</h3> <ul> <li><a id="eotLetUsHelpProdDocUrl" href="https://mycase.cloudapps.cisco.com/start?prodDocUrl=">Open a Support Case</a><img src="/etc/designs/cdc/fw/i/icon_lock_small.png" alt="login required"/></li> <li>(Requires a <a href="//www.cisco.com/c/en/us/services/order-services.html">Cisco Service Contract</a>)</li> </ul> </div> <script> jQuery(document).ready(function() { var getURL=jQuery("#eotLetUsHelpProdDocUrl").attr("href"), domInd = location.href.indexOf('cisco.com') ; if ( domInd > -1 && domInd < location.href.search(/\w\/\w/) ) { getURL += encodeURI(location.href); } jQuery("#eotLetUsHelpProdDocUrl").attr("href",getURL); }); </script> </div>  <div id="eotRightRailMBox">  <div> <div class="mboxDefault"></div> <script type="text/javascript"> var test=""; if(test!=undefined && test.trim().length>0){ mboxCreate('en-us_dg_support_eot','type=default',''); }else{ mboxCreate('en-us_dg_support_eot','type=default'); } </script> </div> </div> <div class="hideComponent"> <script type="text/javascript"> var eottdatp = document.getElementsByClassName('eot-tdatp'); if (eottdatp && eottdatp.style) { eottdatp.style.display="none"; } </script> </div> <div class="showClass"> </div> </div> </div> </div>   </div> <script type="module" src="/site/web-components/us/en/cdc-footer.js"></script> <cdc-footer></cdc-footer> <script type="text/javascript"> if(document.querySelector('#privacy-manager')!=null){ document.querySelector('#privacy-manager').href='#cookies'; } </script> <div id="fw-overlay"></div> <script src="/etc/designs/cdc/fw/b/responsive/js/eot.min.js"></script> <script src="/c/dam/cdc/t/ctm.js" type="text/javascript"></script>  <noscript><img src="//cisco.112.2o7.net/b/ss/cisco-mobile/5/12345" width="2" height="2" border="0" alt=""/></noscript> </body> </html>

CINXE.COM

Inter-VLAN Routing on an RV34x Router with Targeted ACL Restrictions - Cisco