Network Management


ACL

  • 1.  ACL

    Posted Nov 16, 2018 10:21 PM

    Hi All.

    I believe I need to create an ACL as I would like to block all traffic from vLan 201  (172.16.200.0 - 255.255.254.0) from getting to the default vLan001 (10.0.0.0 - 255.0.0.0), and vice versa, but need 172.16.200.x to access the internet.

    Internet Gateway is 10.1.10.41 - 255.0.0.0

    How would I be able to accomplish this? ACLs confuse the heck out of me.

    Thank you.



  • 2.  RE: ACL

    MVP EXPERT
    Posted Nov 17, 2018 04:49 AM

    Which device are you trying to configure this on? ACLs work from the top down (so the first rule that is matched will be used...) with an explicit deny at the end.

     

    In your case, I assume 172.16.200.0/255.255.254.0 is the source VLAN of the SSID. Your first rule would be to deny ANY (source VLAN) traffic to 10/8, then the remaining rules (I've used the below as an example for allowing DNS, HTTP & HTTPS) would permit your Internet access traffic.

     

    ACL.png
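
Added example, not part of any post in this thread: a small Python model of the first-match evaluation described in the reply above, using the thread's subnets, to show why the deny to 10/8 has to sit above the Internet permits. The `Rule` and `evaluate` names, the sample flows, and the use of 10.1.10.41 as a DNS target are assumptions for illustration; this is not switch configuration syntax.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "permit" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    proto: Optional[str]   # "tcp", "udp", or None for any protocol
    port: Optional[int]    # destination port, or None for any port

VLAN201 = "172.16.200.0/23"   # 172.16.200.0 255.255.254.0 from the thread
VLAN001 = "10.0.0.0/8"        # 10.0.0.0 255.0.0.0 from the thread
ANY = "0.0.0.0/0"

# Order described in the reply: deny to 10/8 first, then the Internet permits.
ACL = [
    Rule("deny",   VLAN201, VLAN001, None,  None),
    Rule("permit", VLAN201, ANY,     "udp", 53),
    Rule("permit", VLAN201, ANY,     "tcp", 80),
    Rule("permit", VLAN201, ANY,     "tcp", 443),
]

def evaluate(acl, src, dst, proto, port):
    """Return (action, rule index) of the first matching rule; deny if none match."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(acl):
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and r.proto in (None, proto) and r.port in (None, port)):
            return r.action, i
    return "deny", None   # final deny when nothing matched

if __name__ == "__main__":
    # Constructed sample flows; 203.0.113.10 is a documentation address
    # standing in for an Internet host.
    flows = [
        ("172.16.200.25", "10.0.0.50",    "tcp", 443),  # VLAN 201 -> VLAN 1
        ("172.16.201.7",  "203.0.113.10", "tcp", 443),  # VLAN 201 -> Internet
        ("172.16.200.25", "10.1.10.41",   "udp", 53),   # DNS sent to a 10/8 host
        ("172.16.200.25", "203.0.113.10", "tcp", 22),   # not in the permit list
    ]
    for f in flows:
        print(f, "->", evaluate(ACL, *f))
    # Same rules with the deny moved last: the HTTPS permit now matches first.
    print(evaluate(ACL[1:] + ACL[:1], "172.16.200.25", "10.0.0.50", "tcp", 443))
```

The third flow shows a side effect of the ordering: any DNS server the VLAN 201 clients use must sit outside 10/8, or needs its own permit placed above the deny.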



  • 3.  RE: ACL

    Posted Nov 18, 2018 12:35 PM

    Thanks for the response.

    I am using an S2500 as my router. 

    I do have other vlans, but they are allowed to access the 10.0.0.0 subnet (Vlan001).

    With the ACL that you provided, how could I allow 192.168.40.0 255.255.248.0 access?

    Thanks again. I really appreciate it.