ACLs can be configured on the router port to mitigate private VLAN
attacks. VLAN ACLs (VACLs) can also be used to help mitigate the effects of
private VLAN attacks. An example of using ACLs on the router port is if a
server farm segment were 172.16.34.0/24, then configuring the ACLs shown in
Figure
on the default
gateway would mitigate the private VLAN proxy attack.