VLAN isolation

Posted: 14 May 2024 06:13
by Ev0x
Hi everyone,

So I had to create an SSID on an OmniVista 2500 only for tablet use. These are automatically mapped into VLAN 403 and cannot communicate with each other.
But now I would like to make it so that it can only communicate with the internet, DNS, DHCP and the RADIUS server.

DNS, DHCP and RADIUS are in VLAN 100 accessible by a single IP address while my exit to the internet is done via a firewall in VLAN 101.

So my question is: how can I only authorize the flows mentioned above without using any ACL (policy condition)?

Thanks

Re: VLAN isolation

Posted: 14 May 2024 13:37
by silvio
You need routing and you need policies. You should configure the policies at your router/gateway (switch or firewall).
For you, private VLAN is not a solution. You need ACLs/policies.
BR Silvio

Re: VLAN isolation

Posted: 15 May 2024 03:24
by Ev0x
Ok thank you.
So it is not at all possible to go with anything other than ACLs? Because ACLs are good but if the network evolves it takes a long time to update them all.

Re: VLAN isolation

Posted: 16 May 2024 02:13
by silvio
To forbid routing you need only to configure the rules at the router.
But I prefer to configure the rules at the edge too. For this you can use OV (e.g. with CLI scripts) to configure all access switches in one step.
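
As an added illustration that is not part of the thread, the requested policy for the tablet VLAN can be kept as one ordered, first-match rule list and checked against sample flows before it is translated into gateway or edge rules. This is vendor-neutral Python, not OmniVista or AOS syntax, and every address is constructed, since the thread gives VLAN numbers but no addressing.

```python
import ipaddress

# Constructed addressing (assumption): the thread names VLANs, not subnets.
SERVICES = ipaddress.ip_network("10.1.0.10/32")        # DNS/DHCP/RADIUS host, VLAN 100
BROADCAST = ipaddress.ip_network("255.255.255.255/32")  # DHCP discover target
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ANY = ipaddress.ip_network("0.0.0.0/0")

# Ordered rules for traffic sourced from the tablet VLAN (403); first match wins.
# Each rule: (action, protocol, destination network, destination ports).
# None means "any protocol" or "any port".
RULES = [
    ("permit", "udp", BROADCAST, {67}),                  # initial DHCP broadcast
    ("permit", "udp", SERVICES, {53, 67, 1812, 1813}),   # DNS, DHCP, RADIUS
    ("permit", "tcp", SERVICES, {53}),                   # DNS over TCP
    *[("deny", None, net, None) for net in INTERNAL],    # every other internal VLAN
    ("permit", None, ANY, None),                         # internet via the firewall
]


def evaluate(proto, dst, port):
    """Return 'permit' or 'deny' for one flow leaving the tablet VLAN."""
    addr = ipaddress.ip_address(dst)
    for action, rule_proto, net, ports in RULES:
        if rule_proto is not None and rule_proto != proto:
            continue
        if addr not in net:
            continue
        if ports is not None and port not in ports:
            continue
        return action
    return "deny"  # implicit deny if nothing matched


if __name__ == "__main__":
    # Constructed sample flows: (protocol, destination, destination port)
    samples = [
        ("udp", "255.255.255.255", 67),   # DHCP discover
        ("udp", "10.1.0.10", 53),         # DNS query to the services host
        ("tcp", "10.1.0.10", 22),         # SSH to the services host
        ("tcp", "10.1.0.20", 53),         # another host in the services subnet
        ("tcp", "93.184.216.34", 443),    # internet HTTPS
    ]
    for proto, dst, port in samples:
        print(f"{proto:3} {dst:>15}:{port:<5} -> {evaluate(proto, dst, port)}")
```

Because the services address is defined once and the internal ranges are denied as a block, adding a new internal VLAN does not require touching the rule list; only a new permitted service does.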