https://community.hpe.com/t5/security-e-series/hp-5406-access-list-on-vlan/m-p/6036919#M209 <P>Hi</P><P>&nbsp;</P><P>I have a Student VLAN and an IT Services VLAN</P><P>&nbsp;</P><P>I wish to be able to TCP from IT to student, but do not wish to be able to TCP from Student to IT Services</P><P>&nbsp;</P><P>I have tried using</P><P>&nbsp;</P><P>access-list 101 permit source destination established</P><P>&nbsp;</P><P>but this allows tcp in both directions, unless I have the syntax wrong or have missed something.</P><P>&nbsp;</P><P>do I need to add things like gt 1023 or ACK,RST</P><P>&nbsp;</P><P>regards</P> Mon, 22 Apr 2013 09:03:24 GMT furtlegog 2013-04-22T09:03:24Z https://community.hpe.com/t5/security-e-series/hp-5406-access-list-on-vlan/m-p/6036919#M209 <P>Hi</P><P>&nbsp;</P><P>I have a Student VLAN and an IT Services VLAN</P><P>&nbsp;</P><P>I wish to be able to TCP from IT to student, but do not wish to be able to TCP from Student to IT Services</P><P>&nbsp;</P><P>I have tried using</P><P>&nbsp;</P><P>access-list 101 permit source destination established</P><P>&nbsp;</P><P>but this allows tcp in both directions, unless I have the syntax wrong or have missed something.</P><P>&nbsp;</P><P>do I need to add things like gt 1023 or ACK,RST</P><P>&nbsp;</P><P>regards</P> Mon, 22 Apr 2013 09:03:24 GMT https://community.hpe.com/t5/security-e-series/hp-5406-access-list-on-vlan/m-p/6036919#M209 furtlegog 2013-04-22T09:03:24Z https://community.hpe.com/t5/security-e-series/hp-5406-access-list-on-vlan/m-p/6195861#M231 <P>You'll have to apply the ACL as "in" or "out" on a VLAN. I'd recommend checking out the ACL part of the Configuration &amp; Management Guide for the K-series (HP 5400/8200/3500). I always refer to it when making ACLs. You can specify standard or extended ACLs, then apply them in different ways.</P> Fri, 06 Sep 2013 13:32:54 GMT https://community.hpe.com/t5/security-e-series/hp-5406-access-list-on-vlan/m-p/6195861#M231 jjx042 2013-09-06T13:32:54Z