
How to Write an ACL

  • 1.  How to Write an ACL

    Posted Jul 02, 2013 09:30 PM

    Hi, I have the next stage.

    On the Cisco side:

    Action   Source ip/mask               Source ip/mask    Protocol   Source Port   Dst Port
    permit   10.1.143.0 255.255.255.128   0.0.0.0 0.0.0.0   udp        any           2100

    On the Aruba side:

    Source                               Destination   Protocol   Port   Action
    network 10.1.143.0 255.255.255.128   any           udp        2100   permit

    I'm using the minport 2100 and maxport 2100 option.

    But I need to use the source "any" and dest 2100 option in the rules editor to replicate exactly the same rule from Cisco, and I don't know how to enter that "any"; the editor only lets me use the 0-65535 range.

    How can I achieve this?

    Thanks in advance.

     



  • 2.  RE: How to Write an ACL
    Best Answer

    Posted Jul 02, 2013 11:15 PM

    The source port is assumed to be "any". Your rule can be written like this:

    network 10.1.143.0 255.255.255.0 any udp 2100 2100 permit

    **The min/max port should be the same if you want a single port destination. The source port of that request is assumed to be "any".

    It can also be achieved by using aliases/network destinations:

    netdestination "network-name"
    network 10.1.143.0 255.255.255.0

    alias "network-name" any udp 2100 2100 permit
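
A migration check for the rules in this thread, as an added example that is not part of the original posts: it parses the Cisco row from the question and the Aruba rule form from the answer, then lists every field where the migrated rule differs from the original. The function names and the dict layout are assumptions made for this illustration, and only the rule forms shown in the thread are handled.

```python
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")

def net(ip, mask):
    # Netmask to prefix length; assumes a contiguous mask, as in the thread.
    prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
    return ipaddress.ip_network(f"{ip}/{prefix}")

def parse_cisco_row(row):
    # Column order from the question: action, src ip/mask, dst ip/mask,
    # protocol, source port, destination port.
    action, sip, smask, dip, dmask, proto, sport, dport = row.split()
    if sport != "any":
        # The Aruba rule has no source-port field (it is assumed "any"),
        # so a Cisco rule that pins the source port cannot be mirrored.
        raise ValueError("source port is not 'any'")
    return {"action": action, "src": net(sip, smask), "dst": net(dip, dmask),
            "proto": proto, "dports": (int(dport), int(dport))}

def parse_aruba_rule(line):
    # Only the "network <ip> <mask> any <proto> <min> <max> <action>" form
    # shown in the thread is handled.
    kind, ip, mask, dst, proto, lo, hi, action = line.split()
    if kind != "network" or dst != "any":
        raise ValueError("unsupported rule form")
    return {"action": action, "src": net(ip, mask), "dst": ANY,
            "proto": proto, "dports": (int(lo), int(hi))}

def compare(old, new):
    """List every way the migrated rule differs from the original."""
    diffs = [f"{k}: {old[k]} -> {new[k]}"
             for k in ("action", "proto", "dst", "dports") if old[k] != new[k]]
    if old["src"] != new["src"]:
        if old["src"].subnet_of(new["src"]):
            extra = new["src"].num_addresses - old["src"].num_addresses
            diffs.append(f"src widened: {old['src']} -> {new['src']} (+{extra} addresses)")
        else:
            diffs.append(f"src: {old['src']} -> {new['src']}")
    return diffs

# Rule text from the thread. ARUBA_QUESTION is the questioner's network and
# mask written in the answer's rule form (constructed for this comparison).
CISCO = "permit 10.1.143.0 255.255.255.128 0.0.0.0 0.0.0.0 udp any 2100"
ARUBA_QUESTION = "network 10.1.143.0 255.255.255.128 any udp 2100 2100 permit"
ARUBA_ANSWER = "network 10.1.143.0 255.255.255.0 any udp 2100 2100 permit"

if __name__ == "__main__":
    for name, rule in (("question", ARUBA_QUESTION), ("answer", ARUBA_ANSWER)):
        print(name, compare(parse_cisco_row(CISCO), parse_aruba_rule(rule)) or "equivalent")
```

Run against the thread's text, it reports the rule with the 255.255.255.128 mask as equivalent to the Cisco row and the rule with the 255.255.255.0 mask as a source range widened from /25 to /24.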

     

     



  • 3.  RE: How to Write an ACL

    Posted Jul 02, 2013 11:55 PM

    Thank you.