Hi! We have several A5800-48G Switches in an IRF Configuration and want to isolate the Management Traffic to the Switches using a separate VLAN routet via the Firewall. As the A5800 has several Virtual Interfaces with IP Addresses, the switch management can be reached in those VLANs which should not be allowed. Questions: Must we use ACLs to achieve this or is there an 'easier' possibility? How could we isolate the traffic using ACLs in an easy way (we normally don't want ACLs on routing switches...)? Any ideas? With regards Manfred
#ManagementVLAN