
HP-5406zl access list

 
ladopetrucci
Occasional Visitor

HP-5406zl access list

Hello,

I'm Lado from Georgia.

Please tell me if you can: I have 4 VLAN groups, 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0, and I want to block the users of VLAN group 192.168.4.0 so that they cannot communicate with the other VLAN groups. How can I do this? With an access list? I don't know the commands to do this. Please, if you understand what I mean, help me.

 

Best regards,

Lado

Vince-Whirlwind
Honored Contributor

Re: HP-5406zl access list

ip access-list extended "block-subnet-4"
deny ip 192.168.4.0 0.0.0.255 any
permit ip any any

vlan 4
ip access-group block-subnet-4 in

ladopetrucci
Occasional Visitor

Re: HP-5406zl access list

I have made these commands, and the VLAN 192.168.4.0 users cannot connect to the Internet. I want them to be able to connect to the Internet but not communicate with the other VLAN groups; for example, a 192.168.4.0 VLAN group user cannot ping the 192.168.3.0, 192.168.2.0, 192.168.1.0 VLAN groups. Is it possible?

Vince-Whirlwind
Honored Contributor

Re: HP-5406zl access list

Just replace the "any" in the deny line with a subnet you want to block, e.g., "192.168.0.1 0.0.0.255".
Create another deny line for each subnet you need blocked.

ladopetrucci
Occasional Visitor

Re: HP-5406zl access list

Thank you very much,

and if you can tell me:

if I want to permit a specific IP address from the 192.168.4.0 VLAN group, can I do this:

"permit ip 192.168.4.x 0.0.0.255 192.168.0.1 0.0.0.255" ?

 

Vince-Whirlwind
Honored Contributor

Re: HP-5406zl access list

Specific host to anything in the 192.168.1.0/24 subnet:

 permit ip host 192.168.4.43 192.168.1.0 0.0.0.255

 

Specific host to specific host:

 permit ip host 192.168.4.43 host 192.168.1.21

 

Put the most specific lines at the top of the list, so the logic is:

 permit specific host

 deny all other hosts