Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Access restriction with a 5412zl ProCurve Switch

SOLVED
Go to solution
cyricoq
Occasional Visitor

Access restriction with a 5412zl ProCurve Switch

Hi forum,

I'm not so comfortable with ACL's but I'd like to get an ACL to do the following:

Restrict any access from a subnet 192.168.6.0 to other subnets.
I try some configs like:

Running configuration:

; J8698A Configuration Editor; Created on release #K.12.57


hostname "ProCurve Switch 5412zl"
snmp-server contact "ii@ii.com"
snmp-server location "IT Room"
time timezone -480
ip access-list extended "SB6"
10 deny ip 0.0.0.0 255.255.255.255 192.168.6.0 0.0.0.255
20 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 5 type J8702A
module 6 type J8702A
ip default-gateway 192.168.1.1
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B24,C1-C24,D1-D24,E1-E24,F1-F24
ip address 192.168.1.11 255.255.0.0
ip access-group "SB6" in
exit

And computers in the subnet 192.168.6.0 could still access other subnets.
Do I do something wrong ?

Any help will be much appreciated.
3 REPLIES
serpel
Trusted Contributor
Solution

Re: Access restriction with a 5412zl ProCurve Switch

Hi,
im not good with acl either, but what i can tell you is that you only got one subnet, because of that using a routed acl can't work.
i never used it but perheps it can work with a vlan acl.
here is a shot in the dark:
----------------------------------------
ip access-list extended "test-1"
10 permit ip 192.168.6.0 0.0.0.255 192.168.6.0 0.0.0.255
20 deny ip 192.168.6.0 0.0.0.255 0.0.0.0 255.255.255.255
30 permit ip any any
exit
vlan 1 ip access-group test-1 vlan
-----------------------------------------
but i can't test it.
hth
alex
cyricoq
Occasional Visitor

Re: Access restriction with a 5412zl ProCurve Switch

Thanks ABE that solved my problem :)
cyricoq
Occasional Visitor

Re: Access restriction with a 5412zl ProCurve Switch

Thanks.
Problem solved.