03-27-2021 09:49 AM - edited 03-27-2021 10:23 AM
Improve my ACL's configuration
Hello,
Excuse me for my English, but I'm French.
I would like to improve my ACL configuration.
My switches are HPE FlexNetwork 5510 (JH148A) and use Comware firmware.
My network is:
Hyper-V servers' Network > Vlan 5 : 192.168.5.0
My servers' Network > Vlan 6 : 192.168.6.0
My users' Network > Vlan 7 : 192.168.7.0
My current ACL configuration is:
system-view
acl number 3000
rule 10 permit IP destination 192.168.5.0 0.0.0.255
rule 11 permit IP destination 192.168.6.0 0.0.0.255
rule 20 deny IP
interface vlan-interface 5
packet-filter 3000 inbound
The Active Directory server is currently in VLAN 7. The IP address of this server is 192.168.7.80.
Please could you tell me how to allow the Hyper-V server to authenticate with this LDAP server?
I tried:
system-view
acl number 3000
rule 10 permit IP destination 192.168.5.0 0.0.0.255
rule 11 permit IP destination 192.168.6.0 0.0.0.255
rule 12 permit tcp source 192.168.7.80 0 source-port eq 389
rule 13 permit udp source 192.168.7.80 0 source-port eq 389
rule 20 deny IP
interface vlan-interface 5
packet-filter 3000 inbound
I also tried:
system-view
acl number 3000
rule 10 permit IP destination 192.168.5.0 0.0.0.255
rule 11 permit IP destination 192.168.6.0 0.0.0.255
rule 12 permit tcp source 192.168.7.80 0 source-port eq 389
rule 13 permit udp source 192.168.7.80 0 source-port eq 389
rule 14 permit tcp source 192.168.5.0 0.0.0.255 source-port eq 389
rule 15 permit udp source 192.168.5.0 0.0.0.255 source-port eq 389
rule 20 deny IP
interface vlan-interface 5
packet-filter 3000 inbound
But that didn't work.
Please, I would like the Hyper-V server to be able to authenticate on the Active Directory server without this server being able to access VLAN 5.
Thank you for your help.
Regards,
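To see which rule of the posted ACL an LDAP request from a Hyper-V host actually hits, here is an added example (not part of the original post) that replays the second attempt's rules with first-match evaluation in rule-ID order. Assumptions: the host address 192.168.5.10, the ephemeral source port 49152, the `CANDIDATE` rules keyed on destination, and that `packet-filter 3000 inbound` on vlan-interface 5 sees packets sent by VLAN 5 hosts.

```python
import ipaddress
# Rule set from the post's second attempt (bound inbound on vlan-interface 5).
POSTED = """\
rule 10 permit ip destination 192.168.5.0 0.0.0.255
rule 11 permit ip destination 192.168.6.0 0.0.0.255
rule 12 permit tcp source 192.168.7.80 0 source-port eq 389
rule 13 permit udp source 192.168.7.80 0 source-port eq 389
rule 14 permit tcp source 192.168.5.0 0.0.0.255 source-port eq 389
rule 15 permit udp source 192.168.5.0 0.0.0.255 source-port eq 389
rule 20 deny ip"""
# Assumption (not from the thread): rules 12 and 13 keyed on the request's destination.
CANDIDATE = POSTED.replace("source 192.168.7.80 0 source-port",
                           "destination 192.168.7.80 0 destination-port")
# Constructed packet: a Hyper-V host (address assumed) opening LDAP to the AD server.
LDAP_REQUEST = {"proto": "tcp", "source": "192.168.5.10", "source-port": 49152,
                "destination": "192.168.7.80", "destination-port": 389}

def to_int(addr):
    return int(ipaddress.ip_address(addr))

def parse_rule(line):
    """Parse the subset of Comware ACL rule syntax that appears in the post."""
    tok = line.lower().split()
    rule, i = {"id": int(tok[1]), "action": tok[2], "proto": tok[3]}, 4
    while i < len(tok):
        if tok[i] in ("source", "destination"):
            wild = 0 if tok[i + 2] == "0" else to_int(tok[i + 2])  # "0" = single host
            rule[tok[i]] = (to_int(tok[i + 1]), wild)
        elif tok[i] in ("source-port", "destination-port") and tok[i + 1] == "eq":
            rule[tok[i]] = int(tok[i + 2])
        else:
            raise ValueError(f"unsupported token: {tok[i]}")
        i += 3
    return rule

def matches(rule, pkt):
    ok = rule["proto"] in ("ip", pkt["proto"])
    for side in ("source", "destination"):
        addr, wild = rule.get(side, (0, 0xFFFFFFFF))  # absent keyword = any address
        ok &= not ((to_int(pkt[side]) ^ addr) & ~wild & 0xFFFFFFFF)
        ok &= rule.get(side + "-port", pkt[side + "-port"]) == pkt[side + "-port"]
    return ok

def evaluate(acl_text, pkt):
    """Return (rule id, action) of the first matching rule, in rule-id order."""
    for rule in sorted(map(parse_rule, acl_text.splitlines()), key=lambda r: r["id"]):
        if matches(rule, pkt):
            return rule["id"], rule["action"]
    return None, "no match"
```

`evaluate(POSTED, LDAP_REQUEST)` falls through to rule 20 because the request carries port 389 as its destination port, not its source port; the candidate rules are untested on a 5510 and cover only port 389, while a domain member typically also needs DNS and Kerberos to the domain controller.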
04-23-2021 09:35 AM
Re: Improve my ACL's configuration
Hello,
Have you got the solution, or is the issue still present?
Thanks!
04-26-2021 12:19 AM
Re: Improve my ACL's configuration
Hello,
No, I haven't got the solution.
Thanks
05-07-2021 07:12 AM
Re: Improve my ACL's configuration
Hello,
What is the LDAP server config configured in the switch?
Have you configured AAA in the switch?
Thanks!