Wired Intelligent Edge


Aruba 5400 ACL example?

  • 1.  Aruba 5400 ACL example?

    Posted Nov 26, 2017 06:32 AM

    Hi, I'm wondering about ACLs.

     

    I want to make 2 ACLs.

     

    First 

    1. Guest vlan can access only the Internet (to 192.168.2.2 = Firewall IP).

    2. Then Guest vlan cannot access any other vlans.

    3. Any other vlans cannot access Guest vlan.

     

    Second 

    1. Server vlan can be accessed only by Employee vlan.

    2. Any other vlans cannot access the Server vlan.

     

     

    Is it right? Please check my ACL Example...^^

     

    ====IP info=====

    V1(Device) 192.168.0.1/24
    V2(Employee) 192.168.10.1/24
    V3(Server) 192.168.100.1/24
    V4(Guest) 172.16.0.1/16
    V5(FM) 192.168.1.1/24
    V6(Serial) 192.168.2.1/24


    ====ACL1=====


    ip access-list extended Vlan4
    permit ip 172.16.0.1 0.0.255.255 192.168.2.1 0.0.0.255 log
    deny ip 172.16.0.1 0.0.255.255 192.168.0.1 0.0.255.255 log
    permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit
    vlan 4
    ip access-group vlan4 out

    ====ACL2=====


    ip access-list extended Vlan3
    permit ip 192.168.10.1 0.0.0.255 192.168.100.1 0.0.0.255 log
    deny ip 192.168.0.1 0.0.255.255 192.168.100.1 0.0.0.255 log
    deny ip 172.16.0.1 0.0.255.255 192.168.100.1 0.0.0.255 log(=don't need? Because ACL1 included?)
    permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit
    vlan 3
    ip access-group vlan3 in
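
The ACE lists in the post can be checked against the stated goals with a small first-match evaluator. This is an added example, not part of the original post: the sample flows are constructed, and it models only wildcard-mask matching, ACE order and the implicit deny at the end of a list, not the direction or VLAN the switch applies a list to.

```python
import ipaddress

# ACEs copied from the post: (action, src, src wildcard, dst, dst wildcard)
ANY = ("0.0.0.0", "255.255.255.255")
VLAN4 = [
    ("permit", "172.16.0.1", "0.0.255.255", "192.168.2.1", "0.0.0.255"),
    ("deny", "172.16.0.1", "0.0.255.255", "192.168.0.1", "0.0.255.255"),
    ("permit", *ANY, *ANY),
]
VLAN3 = [
    ("permit", "192.168.10.1", "0.0.0.255", "192.168.100.1", "0.0.0.255"),
    ("deny", "192.168.0.1", "0.0.255.255", "192.168.100.1", "0.0.0.255"),
    ("deny", "172.16.0.1", "0.0.255.255", "192.168.100.1", "0.0.0.255"),
    ("permit", *ANY, *ANY),
]

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """Wildcard bits set to 1 are ignored; every other bit must be equal."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)

def evaluate(acl, src, dst):
    """Return (action, 1-based ACE number) for the first ACE that matches.
    No match falls through to the implicit deny, reported as ACE 0."""
    for number, (action, s, s_wc, d, d_wc) in enumerate(acl, 1):
        if wildcard_match(src, s, s_wc) and wildcard_match(dst, d, d_wc):
            return action, number
    return "deny", 0

# Constructed sample flows: (list name, list, source, destination)
FLOWS = [
    ("Vlan4", VLAN4, "172.16.5.20", "192.168.2.2"),      # guest -> firewall
    ("Vlan4", VLAN4, "172.16.5.20", "192.168.100.10"),   # guest -> server
    ("Vlan4", VLAN4, "192.168.10.5", "172.16.5.20"),     # employee -> guest
    ("Vlan3", VLAN3, "192.168.10.5", "192.168.100.10"),  # employee -> server
    ("Vlan3", VLAN3, "192.168.1.7", "192.168.100.10"),   # FM -> server
    ("Vlan3", VLAN3, "172.16.5.20", "192.168.100.10"),   # guest -> server
]

def report():
    return [(name, src, dst, *evaluate(acl, src, dst)) for name, acl, src, dst in FLOWS]

if __name__ == "__main__":
    for name, src, dst, action, number in report():
        print(f"{name}: {src} -> {dst}: {action} (ACE {number})")
```

The employee -> guest flow matches only the final permit in Vlan4, because no ACE in that list names 172.16.x.x as a destination. Within Vlan3 taken on its own, the guest -> server flow is stopped by the third ACE and would otherwise reach the final permit.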