Forum Discussion

greenasp_41938's avatar
greenasp_41938
Icon for Nimbostratus rankNimbostratus
May 01, 2013

VLAN Segmentation

The intent is to keep a non-active IIS server in one vlan from communicating with the active pool members in another vlan. However, I have a problem getting it to work. Does anyone see what I might be doing wrong?

 

 

when LB_SELECTED {

 

Rejects connection if the source and destination IP addresses are not both VLAN1

 

if { [IP::addr [IP::client_addr]/24 equals 10.217.1.0] and {not[IP::addr [LB::server addr]/24 equals 10.217.1.0]} } {

 

 

reject

 

Rejects connection if the source and destination IP addresses are not both VlAN2

 

} elseif { [IP::addr [IP::client_addr]/24 equals 10.217.49.0] and {not[IP::addr [LB::server addr]/24 equals 10.217.49.0]} } {

 

 

reject

 

 

} else {

 

forward

 

 

}

 

}