- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- HP-5406zl access list
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-13-2015 05:29 AM
01-13-2015 05:29 AM
HP-5406zl access list
hellow
i m lado from georgia
please tell me if you can, i have 4 group vlan, 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and i want to block vlan group 192.168.4.0 users, that they can not comunicate with other vlan groups. how i can make this? with access-list? i dont know commands to do this. please if you undarstand what i mean help me
best regards,
lado
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-13-2015 06:24 PM
01-13-2015 06:24 PM
Re: HP-5406zl access list
ip access-list extended "block-subnet-4"
deny ip 192.168.4.0 0.0.0.255 any
permit ip any any
vlan 4
ip access-group block-subnet-4 in
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2015 02:40 AM
01-14-2015 02:40 AM
Re: HP-5406zl access list
I have made this commands, and the Vlan 192.168.4.0 users cannot connect to the enternet, i want that they can conncet enternet but cannot comunicate with other vlan groups, for example, 192.168.4.0 vlan group user cannot ping 192.168.3.0, 192.168.2.0, 192.168.1.0 vlan groups, is it possible?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2015 06:11 AM - edited 01-14-2015 03:50 PM
01-14-2015 06:11 AM - edited 01-14-2015 03:50 PM
Re: HP-5406zl access list
Just replace the "any" in the deny line with a subnet you want to block, eg, "192.168.0.1 0.0.0.255".
Create another deny line for each subnet you need blocked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2015 06:37 AM
01-14-2015 06:37 AM
Re: HP-5406zl access list
thank you very much,
and if you can tell me
if i want to permit Specific IP ADDRESS from 192.168.4.0 vlan group , i can do this :
"permit ip 192.168.4.x 0.0.0.255 192.168.0.1 0.0.0.255" ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2015 03:50 PM - edited 01-14-2015 03:57 PM
01-14-2015 03:50 PM - edited 01-14-2015 03:57 PM
Re: HP-5406zl access list
Specific host to anything in the 192.168.1.0/24 subnet:
permit ip host 192.168.4.43 192.168.1.0 0.0.0.255
Specific host to specific host:
permit ip host 192.168.4.43 host 192.168.1.21
Put the most specific lines at the top of the list, so the logic is:
permit specific host
deny all other hosts