5406 accecss list (204 Views)
Reply
Occasional Contributor
furtlegog
Posts: 8
Registered: ‎04-19-2013
Message 1 of 3 (204 Views)

5406 accecss list

Hi

 

I have a Student VLAN and an IT Services VLAN

 

I wish to be able to TCP from IT to student, but do not wish to be able to TCP from Student to IT Services

 

I have tried using

 

access-list 101 permit source destination established

 

but this allows tcp in both directions, unless I have the syntax wrong or have missed something.

 

do I need to add things like gt 1023 or ACK,RST

 

regards

 

 

 

Please use plain text.
Frequent Advisor
YenLin
Posts: 56
Registered: ‎12-12-2012
Message 2 of 3 (187 Views)

Re: 5406 accecss list

Hi Is your situation can be solved by protected port configuration?

http://bizsupport2.austin.hp.com/bc/docs/support/SupportManual/c02563912/c02563912.pdf

 

Please use plain text.
Occasional Contributor
furtlegog
Posts: 8
Registered: ‎04-19-2013
Message 3 of 3 (173 Views)

Re: 5406 accecss list

looking at the link provided, protected ports looks like the ports will be protected from each other.

 

What i need is for the IT Services Vlan to still be able to access the student VLan but the student vlan to be blocked. Also this mentions port based my access list is on the VLAN itself(student vlan).

 

I think the tcp established route might be the solution if I can only sort out the syntax

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation