
reg:acl help

 
support center
Advisor


Dear Experts,

Network Scope of Work.
Network A 192.168.1.0 Common Servers
Network B 192.168.100.0 Process Servers
Network C 192.168.101.0 2nd and 1st floor of Building One
Network D 192.168.102.0 Ground floor of Building One
Network E 192.168.103.0 Total 2nd Building

Scenario
1. Network A should talk to Network B C D E
2. Network B should talk to Network E
3. Network C should not talk to Network D E
4. Network D should not talk to Network B C E
5. Network E should not talk to Network B C D

The site-to-site VPN at present talks to 192.168.1.0
1. This should be changed to Network B 192.168.100.0
2. Some systems of Network C 192.168.101.0
3. Some systems of Network A 192.168.1.0

To allow some systems between different networks and vice versa.

For this I have a 3500yl as a core switch and 800 switches as L2 switches.
How can I create VLANs on the 3500yl and 800 switches, and how can I make ACLs
for this? Any document please. I am new to HP switches; can anybody give examples?

srini
cenk sasmaztin
Honored Contributor

Re: reg:acl help

Hi again Srini,

Each L2 switch connects (for uplink) on a 3500 switch VLAN x untagged port.

You must create a standard ACL for each VLAN network address.

for example

ip access-list standard "10"
deny 192.168.1.0 0.0.0.255
permit 0.0.0.0 255.255.255.255

ip access-list standard "11"
deny 192.168.100.0 0.0.0.255
permit 0.0.0.0 255.255.255.255

and associate this rule with the necessary VLAN interface

for example

VLAN A is unable to connect to VLAN B

vlan B
name "vlanB"
ip address 192.168.100.1 255.255.255.0
ip access-group "10" out
exit

Good luck,

cenk
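
The ACL behaviour in the reply above, modelled as an added Python example (not part of the original thread and not HP's code): it evaluates the two standard ACLs by source address and wildcard mask, with the implicit deny at the end, and shows that stateless filtering on VLAN B also breaks sessions that a VLAN B host opens toward VLAN A. The host addresses and the simplified routing model (only the destination VLAN's outbound ACL is checked) are assumptions.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(src, base, wildcard):
    # Wildcard mask: bits set to 1 are ignored, bits set to 0 must match.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(src) & care) == (ip(base) & care)

def evaluate(acl, src):
    # Standard ACL: the first entry matching the SOURCE address wins.
    for action, base, wildcard in acl:
        if matches(src, base, wildcard):
            return action
    return "deny"  # implicit deny at the end of every ACL

# The two ACLs from the reply above.
ACL_10 = [("deny", "192.168.1.0", "0.0.0.255"),
          ("permit", "0.0.0.0", "255.255.255.255")]
ACL_11 = [("deny", "192.168.100.0", "0.0.0.255"),
          ("permit", "0.0.0.0", "255.255.255.255")]

# Networks from the question; in the reply only VLAN B has an outbound ACL.
VLANS = {"A": "192.168.1.0/24", "B": "192.168.100.0/24",
         "C": "192.168.101.0/24", "D": "192.168.102.0/24",
         "E": "192.168.103.0/24"}
OUT_ACL = {"B": ACL_10}

def vlan_of(addr):
    for name, net in VLANS.items():
        if ipaddress.ip_address(addr) in ipaddress.ip_network(net):
            return name
    return None

def delivered(src, dst):
    # Assumed model: a routed packet is checked only against the
    # outbound ACL of the destination VLAN (no ACL means permit).
    acl = OUT_ACL.get(vlan_of(dst))
    return acl is None or evaluate(acl, src) == "permit"

def session_works(client, server):
    # Stateless filtering: request and reply are checked independently.
    return delivered(client, server) and delivered(server, client)

if __name__ == "__main__":
    for c, s in [("192.168.1.25", "192.168.100.5"),    # constructed hosts
                 ("192.168.100.5", "192.168.1.25"),
                 ("192.168.101.7", "192.168.100.5")]:
        print(c, "->", s, "session works:", session_works(c, s))
```

Extending `OUT_ACL` with one ACL per VLAN lets each rule in the question's scenario be checked in both directions before anything is applied to the switch.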