04-29-2014 09:01 AM
I have a public facing vlan that my guest vlan source nats through. Since this vlan is public, how do I block all management access to the public facing ip addrss on the vlan?
Solved! Go to Solution.
04-29-2014 09:22 AM
You can associate a session acl to the VLAN. MAKE SURE you leave the port trusted! If you enable no trust, then your user table will fill up with internet traffic!
Here is an example of this policy...tailor it to what you require:
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
04-29-2014 10:30 AM
04-29-2014 10:44 AM
That does not seem to be what I am looking for either. I was able to create a new seesion acl, but i cannot add rules to the acl. I simply want to block access to the public ip adress on the public vlan.
All of my vlans are assigned to port channel. Arubaos 6.3 on 3400 controller no PEF licenses.
What i am looking for is an acl like:
ipv4 any <public ip> any deny If this takes, will this break my source nt trough this vlan?
04-29-2014 10:46 AM - edited 04-29-2014 10:46 AM