Command of the Day

Guru Elite

COTD: Blocking IPX and Appletalk - Ethertype ACLs

Using the built-in Aruba firewall, you can block any type of IP traffic that you want. What few people know or use is the fact that you can also block non-IP traffic as well by using an ethertype ACL. For example, the ethertype for Appletalk is 0x809B, and the ethertype for IPX is 0x8137. To block Appletalk AND IPX in a user role, you would do the following:

(Aruba651) (config) #ip access-list eth block-apple-ipx
(Aruba651) (config-eth-block-apple-ipx)#deny 0x809B
(Aruba651) (config-eth-block-apple-ipx)#deny 0x8137
(Aruba651) (config-eth-block-apple-ipx)#
(Aruba651) (config-eth-block-apple-ipx)#exit

Apply that firewall policy high up in a user-role and you will be blocking all of that chatty appletalk and IPX traffic from your network.
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: