07-14-2011 03:11 AM
ACL's to restrict access to VLAN's on Procurve 5412xl
Hi,
Hope you can help with this :)
We have enabled IP routing on the above switch with various VLANs which all route between each other fine. We have one VLAN acting as the core network which has the default gateway out of the building for internet access on it, whereas the other VLANs are for separate departments. We need to restrict access to the network so each of the department VLANs are unable to access each other but all VLANs can access the core network and the core network can access the department VLANs. We need this access because we have incoming VPNs which need to be able to access the department VLANs depending on which user is logging into the firewall.
I've tried setting up a Standard ACL which permitted the following IP range - 192.168.0.0 0.0.1.255 which as I understand the wildcard subnetting would allow the 192.168.1.0 (Core network) range onto the VLAN but nothing above it (192.168.2.0/24 onwards is the department VLANs). This ACL is then applied to the VLAN as a VACL rather than inbound or outbound - however, when I set this all traffic seems to be blocked. I had to specify a further permit for the IP range of the department's network, e.g. 192.168.2.0 0.0.0.255, which then allowed the devices within the VLAN to access the internet - unfortunately this also allowed other VLANs to access devices on this VLAN so defeated my ideas of security.
Any ideas on how I should achieve this or where I'm going wrong? Should I be using inbound/outbound ACLs instead? If so, what should be my IP/subnetting, as the reverse wildcard function is a little confusing.
Thanks in advance.
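Wildcard-mask matching for the two standard ACLs described in the post above, as an added example that is not part of the original thread. It models a standard ACL as a first-match test on the packet's source address with an implicit deny at the end; the function names and the sample host addresses are constructed for illustration.

```python
import ipaddress

def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """True if addr matches base under an ACL wildcard mask.
    A 1 bit in the wildcard means 'ignore this bit'; a 0 bit must match."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)

def wildcard_range(base, wildcard):
    """First and last address covered by a contiguous wildcard mask."""
    w = _to_int(wildcard)
    lo = _to_int(base) & ~w & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(lo)), str(ipaddress.IPv4Address(lo | w))

def evaluate_standard_acl(entries, src):
    """Standard ACL: entries test the source address only, first match wins."""
    for action, base, wildcard in entries:
        if wildcard_match(src, base, wildcard):
            return action
    return "deny"  # implicit 'deny any' that ends every ACL

# The single permit from the post, then the same ACL with the extra permit.
ACL_FIRST = [("permit", "192.168.0.0", "0.0.1.255")]
ACL_SECOND = ACL_FIRST + [("permit", "192.168.2.0", "0.0.0.255")]

# Constructed sample sources: core host, two department hosts.
SAMPLE_SOURCES = ["192.168.1.20", "192.168.2.10", "192.168.3.10"]

def compare(sources=SAMPLE_SOURCES):
    """Map each source to its (first ACL, second ACL) verdict."""
    return {s: (evaluate_standard_acl(ACL_FIRST, s),
                evaluate_standard_acl(ACL_SECOND, s)) for s in sources}

if __name__ == "__main__":
    print("192.168.0.0 0.0.1.255 covers", wildcard_range("192.168.0.0", "0.0.1.255"))
    for src, (first, second) in compare().items():
        print(f"src {src:<13} first ACL: {first:<6} second ACL: {second}")
```

Which source addresses the switch actually presents to the ACL depends on where and in which direction it is applied; the model only shows how each entry's wildcard mask and the implicit deny decide the verdict for a given source.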
07-14-2011 10:56 PM
Re: ACL's to restrict access to VLAN's on Procurve 5412xl
Paul