- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- ACCESS LIST ON HP PROCURVE 5304XL
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2009 10:02 PM
тАО10-23-2009 10:02 PM
ACCESS LIST ON HP PROCURVE 5304XL
from the servers/hosted vlan.
hosted vlan is 10.1.1.0/24 subnet
the other vlan are in 10.1.[2/3/4/5].0/24 subnet
so i created an access list like
ip accesslist exten 110
deny ip 10.1.4.0/24 10.1.1.4/24
deny ip 10.1.4.0/24 10.1.1.8/24
permit ip any any
exit
and apply this to hosted vlan
like
vlan 1 ip access-gr 110 in
but it does not work what shall i do
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-24-2009 03:57 AM
тАО10-24-2009 03:57 AM
Re: ACCESS LIST ON HP PROCURVE 5304XL
deny ip 10.1.4.0/24 10.1.1.4/24
deny ip 10.1.4.0/24 10.1.1.8/24
permit ip any any
by this you denied 10.1.4.0/24 subnet from accessing 10.1.1.4 and 10.1.1.8 and access any other ip
can you please tell me exactly what subnets you want to deny.
and please post your vlan configuration.
"i want to restrict vlan 200 to access only two servers
from the servers/hosted vlan. "
from this i understand that you want vlan 200 to only access 2 servers, is that right ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2009 10:27 PM
тАО10-25-2009 10:27 PM
Re: ACCESS LIST ON HP PROCURVE 5304XL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2009 07:51 AM
тАО10-26-2009 07:51 AM
Re: ACCESS LIST ON HP PROCURVE 5304XL
ip access-list extended "110"
exit
ip access-list extended "120"
deny ip 10.1.2.1 0.0.0.255 10.1.1.2 0.0.0.0
permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
vlan 100
ip access-group "100" in
exit
<<<
There is some mismatch here....
ACL-110 is empty
ACL-120 is not referred to (in attached config)
ACL-100 does not exist
you may want to change
vlan 100
ip access-group "100" in
to
vlan 100
ip access-group "120" in
Pieter
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2009 11:03 AM
тАО10-26-2009 11:03 AM
Re: ACCESS LIST ON HP PROCURVE 5304XL
ip access-list extended "120"
deny ip 10.1.2.0 0.0.0.255 10.1.1.2 0.0.0.0
permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
module 2 type J4878B
module 1 type J4907A
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "INTERNET"
untagged A1,A3-A16,B1-B4
ip address 10.1.0.2 255.255.255.0
no untagged A2
exit
vlan 100
name "HOSTEDSEV"
ip address 10.1.1.1 255.255.255.0
tagged A1,A14
exit
vlan 200
name "OTS"
untagged A2
ip address 10.1.2.1 255.255.255.0
ip helper-address 10.1.1.4
ip helper-address 10.1.0.1
tagged A1,A14
ip access-group "120" in
exit
vlan 300
name "4_AFRI"
ip address 10.1.3.1 255.255.255.0
ip helper-address 10.1.1.4
ip helper-address 10.1.0.1
tagged A1,A14
exit
vlan 400
name "ACCESS"
ip address 10.1.4.1 255.255.255.0
ip helper-address 10.1.1.4
ip helper-address 10.1.0.1
tagged A1,A14
exit
vlan 500
name "eZ_call"
ip address 10.1.5.1 255.255.255.0
ip helper-address 10.1.1.4
ip helper-address 10.1.0.1
tagged A1,A14
exit
ip route 0.0.0.0 0.0.0.0 10.1.0.1
router rip
exit
password manager