10-09-2015 02:59 PM
Creating ACL on HP 5400
I'm looking for some advice on creating and applying an ACL on one of our HP 5400s.
Here's the scenario:
I need to create an ACL to deny certain networks from accessing port 8443 on one of our servers and allow everyone else. I'm not sure if it'd be a VLAN ACL, because some of the users I need to block are on the same VLAN/network as the server itself. I've been playing around with a VLAN ACL and even placing the ACL on the port the server is connected to using a single test IP, but no luck.
Here's what I've been trying:
>ip access-list extended Block_8443
>deny TCP host (test machine IP) host (server IP address) eq 8443
>permit ip any any
>vlan # ip access-group Block_8443 out
The test machine IP is on a completely different network than the server. With the ACL applied, from that PC I can get to the server's webpage on port 8443. I even tried just putting deny IP host (test machine IP) host (server IP address) in the ACL, but I can still get to the server from that PC.
Any advice?
- Tags:
- ACLs
10-09-2015 04:19 PM
Re: Creating ACL on HP 5400
After some testing, I did figure this out. I guess I just needed to apply it to the VLAN with the server as a VLAN ACL (if that makes sense).
Here's what worked for me:
>ip access-list extended Block_8443
>deny tcp x.x.x.x/24 host <server ip> eq 8443
>deny tcp x.x.x.x/24 host <server ip> eq 8443
>deny tcp x.x.x.x/24 host <server ip> eq 8443
>permit ip any any
>vlan # ip access-group Block_8443 vlan
Hope this helps anyone having the same issue I did.
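Added example, not from the thread: a small Python check of the rule logic in an ACL written in the syntax posted above, using first-match evaluation and the implicit deny that ends every ACL. The addresses are constructed stand-ins for the elided x.x.x.x and <server ip>, and the model covers only ACE matching, not which traffic the switch hands to the ACL (the `out` versus `vlan` binding).

```python
import ipaddress

# Constructed addresses: the thread elides the real ones (x.x.x.x, <server ip>).
ACL = """\
deny tcp 10.10.1.0/24 host 10.20.0.5 eq 8443
deny tcp 10.10.2.0/24 host 10.20.0.5 eq 8443
deny tcp 10.20.0.0/24 host 10.20.0.5 eq 8443
permit ip any any
"""

def _take_addr(tok):
    """Consume one address spec (any | host A | A/len) from the token list."""
    t = tok.pop(0)
    if t == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if t == "host":
        return ipaddress.ip_network(tok.pop(0) + "/32")
    return ipaddress.ip_network(t, strict=False)

def parse_ace(line):
    tok = line.split()
    action, proto = tok.pop(0), tok.pop(0).lower()
    src, dst = _take_addr(tok), _take_addr(tok)
    port = int(tok[1]) if tok[:1] == ["eq"] else None  # only "eq" is modelled
    return action, proto, src, dst, port

def evaluate(acl_text, proto, src, dst, dport):
    """Return the action of the first matching ACE; no match means implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in filter(None, map(str.strip, acl_text.splitlines())):
        action, a_proto, a_src, a_dst, a_port = parse_ace(line)
        if a_proto not in ("ip", proto):
            continue
        if s in a_src and d in a_dst and a_port in (None, dport):
            return action
    return "deny"  # implicit "deny ip any any" that ends every ACL

def check_intent(acl_text, server="10.20.0.5"):
    """Constructed test flows -> action: blocked, same-VLAN and allowed cases."""
    flows = {
        "remote blocked subnet, 8443": ("tcp", "10.10.1.77", 8443),
        "same subnet as server, 8443": ("tcp", "10.20.0.44", 8443),
        "blocked subnet, other port":  ("tcp", "10.10.1.77", 443),
        "unlisted subnet, 8443":       ("tcp", "10.30.0.9", 8443),
    }
    return {k: evaluate(acl_text, p, s, server, dp) for k, (p, s, dp) in flows.items()}

if __name__ == "__main__":
    for name, action in check_intent(ACL).items():
        print(f"{action:6} {name}")
```

Running the same flows against the live switch after binding the ACL confirms that the binding, and not only the rule list, does what was intended.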