
HP Switch – Access control Lists

Posted by robd on April 04, 2014

Hi All,

We’ve recently implemented a BYOD wireless SSID for end users to check Facebook or whatever it is they do. As we’re short on resources we had to use existing DCs to dole out IPs, but we were obviously worried about users “hacking” into the system. So the first thing we did was create a VLAN and assign it to the wireless, then apply several access control lists (ACLs) to the core switch, limiting access to only the DCs, proxy, core switch, each other and firewall, and blocking the rest:

Firstly, check the subnet mask of the VLAN you want to apply the ACL to, as the wildcard/subnet address in the ACL will change depending on the subnet.

The example below uses a subnet mask of 255.255.255.0 (the bits in red are notes only – do not try to apply them).

Log on to a switch and go into config mode:

 

Finally test!

OK, so what if you have a network with a subnet mask of 255.255.252.0? The wildcard in the ACL changes: above we had 0.0.0.255, whereas for a 255.255.252.0 subnet we’d need 0.0.3.255.
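An added check, not part of the original post: it derives the wildcard from a VLAN's subnet mask and reports whether an ACL entry's address/wildcard pair covers the VLAN exactly, only partly, or more than intended. The function names and the 10.10.8.0 addresses are constructed for illustration.

```python
import ipaddress

def wildcard_for(mask: str) -> str:
    """Invert a dotted subnet mask into the matching ACL wildcard."""
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(mask)) ^ 0xFFFFFFFF))

def check_ace_source(vlan_addr, vlan_mask, ace_addr, ace_wildcard):
    """Compare an ACL entry's address/wildcard pair with the VLAN subnet.

    Returns 'exact', 'partial' (entry covers only some of the VLAN),
    'broader' (entry covers more than the VLAN), 'disjoint', or
    'non-contiguous' when the wildcard is not a simple inverted mask.
    """
    vlan = ipaddress.IPv4Network(f"{vlan_addr}/{vlan_mask}", strict=False)
    wc = int(ipaddress.IPv4Address(ace_wildcard))
    if wc & (wc + 1):  # wildcard bits are not one contiguous low-order run
        return "non-contiguous"
    # Clear the wildcard (don't-care) bits to get the network the entry matches.
    base = int(ipaddress.IPv4Address(ace_addr)) & ~wc & 0xFFFFFFFF
    ace = ipaddress.IPv4Network((base, 32 - wc.bit_length()))
    if ace == vlan:
        return "exact"
    if ace.subnet_of(vlan):
        return "partial"
    if vlan.subnet_of(ace):
        return "broader"
    return "disjoint"

if __name__ == "__main__":
    # Constructed sample values, not taken from the post.
    print(wildcard_for("255.255.255.0"))
    print(wildcard_for("255.255.252.0"))
    for wc in ("0.0.3.255", "0.0.0.255"):
        print(wc, check_ace_source("10.10.8.0", "255.255.252.0", "10.10.8.0", wc))
```

A "partial" result is the case the paragraph above describes: a 0.0.0.255 wildcard left on a 255.255.252.0 VLAN matches only a quarter of its addresses.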

Example:

 

So what happens if you want to delete an ACL from a VLAN?

 

 
