Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure Access List for HP Switch V1910 24G?

JackyCuong
Occasional Visitor

How to configure Access List for HP Switch V1910 24G?

Dear Experts,

 

- I'm facing the problem when I config ACL on HP Switch V1910 24G, this issue is listed below:

 

- First, my simple network including 2 VLAN (10 and 20), configured and work like a charm such as (Ping each VLan is OK): 

 

            +  Vlan10: 10.37.10.0/24

            +  Vlan 20: 10.37.20.0/24

 

- I followed the instruction of the HP CLI Guide below to configure for my own ACL: 

 

http://h17007.www1.hp.com/docs/interoperability/Cisco/HP-Networking-and-Cisco-CLI-Reference-Guide_June_10_WW_Eng_ltr.pdf

 

- Point to Chapter 23, in the section C. Routed/Layer 3 ACL (RACL) and follow the Extended or Advanced ACL.

- I was created an ACL rule is deny specify IP address from Vlan10 to Vlan20. It work like a charm, it mean these IP cannot communicate.

- The problem is when I deny Network/Mask from Vlan10 to Vlan20, it still can communicate. This is my CLI below:

 

Step 1: acl number 3001

               rule deny ip source 10.37.10.0 0 destination 10.37.20.0 0 logging

Step 2: traffice classsifier VL10_to_VL20

               if-match acl  3001

Step 3: traffic behavior deny_stats

               filter deny

               accounting    (Switch donot understand this CLI)

Step 4: qos policy pcacl

               classifier VL10_to_VL20 behavior deny_stats

               qos apply policy pcacl global inbound

 

- Something wrong in those command above?

 

- By the way, I have another question concerning to this ACL is:

              + How to delete/change the ACL after applied to the global ?

 

I'm looking forward to reply from ALL,

 

Special Thanks from,

 

Jacky

 

 

P.S. This thread has been moved from ProCurve / ProVision-Based to Web and Unmanaged. -HP Forum Moderator