Community
Switches, Hubs, and Modems
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

2510-24

 
SOLVED
Go to solution
cenk sasmaztin
cenk sasmaztin
Honored Contributor

‎05-15-2008 11:56 PM

‎05-15-2008 11:56 PM

Re: 2510-24

Configuring Protected Ports
There are situations where you want to provide internet access to users but
prevent them from accessing each other. To achieve this control, you can use
the protected-ports command. The command applies per-port, and filters the
outbound traffic from a port. This allows the configuration of two port groups
on a switchâ protected ports and unprotected ports. The ports have these
characteristics:
â   Traffic from protected ports is not forwarded to other protected ports.
â   Protected ports can communicate with unprotected ports, but not
with each other.
â   Unprotected ports can communicate with all ports.
â   The protected-ports command applies to logical ports (trunks as well
as untrunked ports)
Figure 9-15. Example of Protected Ports Command for Ports 4 and 5
To display information about which ports have been configured as protected
ports, enter this command:
ProCurve(config)# show protected-ports
Syntax: [no] protected-ports
Prevents the selected ports from communicating with each
other.
Default: All ports unprotected.
no protected-ports all
Clears the protection from all ports; all ports can now communicate
with each other
---------------------------------------------
ProCurve(config)# protected-ports 4-5
---------------------------------------------
cenk

Reply
Alessandro_78
Alessandro_78
Regular Advisor

‎05-16-2008 12:01 AM

‎05-16-2008 12:01 AM

Re: 2510-24

Ok.
So, if port 25 is connected to internet (uplink), port 10 is database server, port1,port2,port3 are web servers I can do the following:

port 1 unprotected
port 2 unprotected
port 3 unprotected

port 10 protected

port 25 protected

Doing so, port 1,2,3 can comunicate with all ports, port 10 can't comunicate with port 25 and the it will not have internet access.

Port 25 can't comunicate with port 10 so from Internet I can't access database server

Is true?
0 Kudos
Reply
cenk sasmaztin
cenk sasmaztin
Honored Contributor

‎05-16-2008 12:02 AM

‎05-16-2008 12:02 AM

Re: 2510-24

yess Alessandro

your server protect port

(config)#protect-port 10

all other port unprotect

good luck....
cenk

Reply
cenk sasmaztin
cenk sasmaztin
Honored Contributor

‎05-16-2008 12:04 AM

‎05-16-2008 12:04 AM

Re: 2510-24

nooo port 25 unprotect if port 25 connection internet router

please only port 10 protect command


cenk
cenk

0 Kudos
Reply
Alessandro_78
Alessandro_78
Regular Advisor

‎05-16-2008 12:06 AM

‎05-16-2008 12:06 AM

Re: 2510-24

Thanks for the reply.
Any security issue with this setup?
Vlans are more secure than protected ports?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.