Wireless Access


Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

Allow Inter-User-Traffic for special ports/services

  • 1.  Allow Inter-User-Traffic for special ports/services

    Posted Mar 23, 2017 08:47 AM

    Hi,

     

    I want to deny inter-user-traffic in general on controllers with some exceptions for a few special ports and services.

    Is this possible? Or is it just 'all or nothing'?

    I've already tried to create firewall rules from user to user, which was unfortunately not possible.

     

    Many thanks.



  • 2.  RE: Allow Inter-User-Traffic for special ports/services

    Posted Mar 24, 2017 07:59 AM

    You can create this with firewall rules in your role(s).

     

    You don't need to use user to user. You can specify your user network or create an alias for the user network then create a rule like so:

     

    allow tcp 3389 from alias usernetwork to alias usernetwork
    deny all from alias usernetwork to alias usernetwork

    In this example you should be able to see that tcp 3389 is allowed but everything else is denied.
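
The rule pair from the reply above, written out as an ArubaOS-style session ACL (an added example, not part of the original posts). The subnet 10.10.0.0/16, the ACL name inter-user-exceptions and the role name employee are assumed for illustration. Session ACL entries are evaluated top-down with first match and a role ends in an implicit deny, so the exception must come before the deny and a final permit is needed for traffic that is not user-to-user.

```text
! Added example; subnet, ACL name and role name are assumptions.
netdestination usernetwork
  network 10.10.0.0 255.255.0.0
!
ip access-list session inter-user-exceptions
  ! exception first: RDP (tcp 3389) between clients in the user network
  alias usernetwork alias usernetwork tcp 3389 permit
  ! then block all other client-to-client traffic
  alias usernetwork alias usernetwork any deny
  ! everything that is not user-to-user (gateway, servers, internet)
  any any any permit
!
user-role employee
  access-list session inter-user-exceptions
```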