Aruba 5400 ACL example?

    Posted Nov 26, 2017 06:32 AM

    Hi, I'm wondering about ACLs.

     

    I want to make 2 ACLs.

     

    First 

    1. Guest vlan can access only the Internet (to 192.168.2.2 = Firewall IP).

    2. Then Guest vlan cannot access any other vlans.

    3. Any other vlans cannot access Guest vlan.

     

    Second 

    1. Server vlan can be accessed only by Employee vlan.

    2. Any other vlans cannot access the Server vlan.

     

     

    Is it right? Please check my ACL example...^^

     

    ====IP info=====

    V1(Device) 192.168.0.1/24
    V2(Employee) 192.168.10.1/24
    V3(Server) 192.168.100.1/24
    V4(Guest) 172.16.0.1/16
    V5(FM) 192.168.1.1/24
    V6(Serial) 192.168.2.1/24


    ====ACL1=====


    ip access-list extended Vlan4
    permit ip 172.16.0.1 0.0.255.255 192.168.2.1 0.0.0.255 log
    deny ip 172.16.0.1 0.0.255.255 192.168.0.1 0.0.255.255 log
    permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit
    vlan 4
    ip access-group vlan4 out

    ====ACL2=====


    ip access-list extended Vlan3
    permit ip 192.168.10.1 0.0.0.255 192.168.100.1 0.0.0.255 log
    deny ip 192.168.0.1 0.0.255.255 192.168.100.1 0.0.0.255 log
    deny ip 172.16.0.1 0.0.255.255 192.168.100.1 0.0.0.255 log (= don't need? Because ACL1 included?)
    permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit
    vlan 3
    ip access-group vlan3 in
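
A way to check the two lists above against the stated goals, as an added example that is not part of the original post: the script applies wildcard-mask matching and first-match-wins ordering to the posted entries. It models only how a packet that reaches a list is matched, not the in/out direction on the switch; the host addresses in the test packets are constructed.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; only the 0 bits are compared.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

ANY = ("0.0.0.0", "255.255.255.255")
GUEST = ("172.16.0.1", "0.0.255.255")
SERVER = ("192.168.100.1", "0.0.0.255")
# Entries copied from the post: (action, (src, wildcard), (dst, wildcard))
VLAN4 = [
    ("permit", GUEST, ("192.168.2.1", "0.0.0.255")),
    ("deny", GUEST, ("192.168.0.1", "0.0.255.255")),
    ("permit", ANY, ANY),
]
VLAN3 = [
    ("permit", ("192.168.10.1", "0.0.0.255"), SERVER),
    ("deny", ("192.168.0.1", "0.0.255.255"), SERVER),
    ("deny", GUEST, SERVER),
    ("permit", ANY, ANY),
]

def evaluate(acl, src, dst):
    """Return (action, entry number) of the first entry matching src/dst."""
    for n, (action, (sb, sw), (db, dw)) in enumerate(acl, start=1):
        if matches(src, sb, sw) and matches(dst, db, dw):
            return action, n
    return "deny", None  # implicit deny when no entry matches

# Constructed test packets (hosts made up inside the post's subnets).
CASES = [
    ("Vlan4", VLAN4, "guest -> firewall", "172.16.5.9", "192.168.2.2"),
    ("Vlan4", VLAN4, "guest -> other serial host", "172.16.5.9", "192.168.2.77"),
    ("Vlan4", VLAN4, "guest -> employee", "172.16.5.9", "192.168.10.20"),
    ("Vlan4", VLAN4, "employee -> guest", "192.168.10.20", "172.16.5.9"),
    ("Vlan3", VLAN3, "employee -> server", "192.168.10.20", "192.168.100.10"),
    ("Vlan3", VLAN3, "FM -> server", "192.168.1.7", "192.168.100.10"),
    ("Vlan3", VLAN3, "guest -> server", "172.16.5.9", "192.168.100.10"),
]

if __name__ == "__main__":
    for name, acl, label, src, dst in CASES:
        action, n = evaluate(acl, src, dst)
        print(f"{name}: {label:27} {src} -> {dst}: {action} (entry {n})")
```

Within these lists, the first Vlan4 entry admits every 192.168.2.x destination rather than only 192.168.2.2, and a packet from another VLAN to a guest address falls through to the final permit.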