hi all,
i have a HPE switch and i have telneted in and i want to know the command(s) to block access to a network, so all other networks cant access this network
all my networks on the switch are VLANS and each VLAN has its own gateway ip so each VLAN can talk to eachother via the gateway ip
the easiest solution would be on the network that i want to be private is to put in no gateway ip but i need to have this as i want it to talk to the other networks but not other networks to talk to it
cheers,
rob
Quote from: robertkwild on January 26, 2018, 04:11:22 AM
hi all,
i have a HPE switch and i have telneted in and i want to know the command(s) to block access to a network, so all other networks cant access this network
all my networks on the switch are VLANS and each VLAN has its own gateway ip so each VLAN can talk to eachother via the gateway ip
the easiest solution would be on the network that i want to be private is to put in no gateway ip but i need to have this as i want it to talk to the other networks but not other networks to talk to it
cheers,
rob
What model HPE switch?
I don't think it matters, you won't be able to do this
" i want it to talk to the other networks but not other networks to talk to it"
ACL's on a switch are not stateful, if your switch was able to support ACL's and could allow traffic going out, return traffic would be blocked by the ACL.
Again, what model HPE switch?
Cisco has something called private VLAN's which may do the trick, I asked Uncle Google, he said that there is some support of isolated VLAN's on certain models of HPE switch.
Quote from: ristau5741 on January 26, 2018, 06:39:08 AM
Quote from: robertkwild on January 26, 2018, 04:11:22 AM
hi all,
i have a HPE switch and i have telneted in and i want to know the command(s) to block access to a network, so all other networks cant access this network
all my networks on the switch are VLANS and each VLAN has its own gateway ip so each VLAN can talk to eachother via the gateway ip
the easiest solution would be on the network that i want to be private is to put in no gateway ip but i need to have this as i want it to talk to the other networks but not other networks to talk to it
cheers,
rob
What model HPE switch?
I don't think it matters, you won't be able to do this
" i want it to talk to the other networks but not other networks to talk to it"
ACL's on a switch are not stateful, if your switch was able to support ACL's and could allow traffic going out, return traffic would be blocked by the ACL.
Again, what model HPE switch?
Cisco has something called private VLAN's which may do the trick, I asked Uncle Google, he said that there is some support of isolated VLAN's on certain models of HPE switch.
I would negate that comment...
you won't be able to do this
" i want it to talk to the other networks but not other networks to talk to it"
You would need to put ACL's on all the other SVI's denying traffic to the network you want to protect.
i have one of these -
https://h20195.www2.hpe.com/v2/getpdf.aspx/4aa3-0717enw.pdf