Command of the Day

Guru Elite

COTD: Blocking IPX and Appletalk - Ethertype ACLs

Using the built-in Aruba firewall, you can block any type of IP traffic that you want. What few people know or use is the fact that you can also block non-IP traffic as well by using an ethertype ACL. For example, the ethertype for Appletalk is 0x809B, and the ethertype for IPX is 0x8137. To block Appletalk AND IPX in a user role, you would do the following:

(Aruba651) (config) #ip access-list eth block-apple-ipx
(Aruba651) (config-eth-block-apple-ipx)#deny 0x809B
(Aruba651) (config-eth-block-apple-ipx)#deny 0x8137
(Aruba651) (config-eth-block-apple-ipx)#
(Aruba651) (config-eth-block-apple-ipx)#exit

Apply that firewall policy high up in a user-role and you will be blocking all of that chatty appletalk and IPX traffic from your network.

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: