HPE Community
M and MSM Series
1753481 Members
4403 Online
108794 Solutions
New Discussion

Public Access Attributes and ACL question?

 
Cajuntank MS
Valued Contributor

‎01-18-2012 01:57 PM

‎01-18-2012 01:57 PM

Public Access Attributes and ACL question?

Ok, here's my basic setup. I have a MSM765 mobility controller with an access controlled VSC using HTML authentication for guests. I am using the Internet port for this traffic which in turn is on a DMZ off of my firewall. I have firewall and NAT turned off on the MSM controller. My LAN port is being used for another VSC (not access controlled)  for my internal LAN and I have a ACL on the controller that denies that subnet. So something like:

 

factory, DENY, all, 10.0.0.0/16,all

 

This config works great for me with the exception of I need to provide access to my email server over 443 on my LAN. I created another ACL

 

factory, ACCEPT, all, 10.1.1.10/32, all

 

and placed it before the DENY statement above (I was using "all" to keep it plain before I specified tcp and 443 for protocol and port; however, while I could ping the server, I could not browse to it. The email server is using a public certificate from Digicert and I mention this just because of some reading that maybe I might need to import their certificate chain into the controller? Anyway, if anyone can point me in the right direction, that would help.

 

Thanks.  

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.