Re: Switch HP Procurve 3400cl VLAN ACLS

hugo25 · ‎02-05-2006

Hello all,
I have a procurve 3400 cl 24 ports,and i have 4 vlan configured.
My question is:
My vlan1 192.168.1.0/255.255.255.0 , my vlan 2 192.168.2.0/255.255.255.0
How i can deny all traffic from Vlan1 to Vlan2,but allow all trafic from VLan2 to VLan1.
I tried with access list:
Example:
access list 101 deny ip 192.168.1.0/0.0.0.255 any
access list 101 permit any any
and aplay access list to vlan2 interface,but dont work.
Can someone help me?
Best regards,
Hugo

Matt Hobbs · ‎02-06-2006

I believe you need ACL's that support the 'established' command, which the 3400 unfortunately does not.

claramunt_1 · ‎02-06-2006

Hi Hugo,

You've to apply the acl to all ports on the source (vlan1)

Try this:

ip access-list extended "101"
deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip any any

In all vlan1 interfaces:

interface X access-group "101" in

Jens Larsson · ‎02-07-2006

That will stop all traffic from vlan 1 to vlan 2 all right. Including returning packages in connections from vlan2 to vlan1 so in practise all traffic is stopped in both directions.

/jens

claramunt_1 · ‎02-07-2006

Jen, you are right. Then it seems that is not possible to do such thing with 3400cl series...

hugo25 · ‎02-07-2006

Ok
With access-list i can't do what i want,but and with security port filtering,do you know it is possible???
Best regards,
Hugo

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Switch HP Procurve 3400cl VLAN ACLS

Switch HP Procurve 3400cl VLAN ACLS