Wired Intelligent Edge

 View Only

  • 1.  Cisco Extended ACL on Aruba ACL

    Posted Jun 06, 2020 04:39 AM

    Hi,

    Actually I had some ACL to put on Aruba. Below is my Cisco ACL.

    ip access-list extended ACCESS
    permit ip host 172.16.4.224 10.0.0.0 0.0.0.255
    deny ip host 172.16.4.158 192.168.90.100 0.0.0.2
    deny ip 172.16.4.0 0.0.1.255 host 10.0.0.7
    permit ip 172.16.4.0 0.0.1.255 any



  • 2.  RE: Cisco Extended ACL on Aruba ACL

    Posted Jun 07, 2020 09:59 AM

    Hi 

    ACL configuration on Aruba switches is almost simliar to Cisco syntax ,  So you can use the same ACL config from cisco in Aruba.  Also i would request you to check the CLI reference guide for Comware, Aruba & Cisco for more command comparison 

    HP-2530-48G(config)# ip access-list extended ACCESS
    HP-2530-48G(config-ext-nacl)# permit ip host 172.16.4.224 10.0.0.0 0.0.0.255
    HP-2530-48G(config-ext-nacl)# deny ip host 172.16.4.158 192.168.90.100 0.0.0.2
    HP-2530-48G(config-ext-nacl)# deny ip 172.16.4.0 0.0.1.255 host 10.0.0.7
    HP-2530-48G(config-ext-nacl)# permit ip 172.16.4.0 0.0.1.255 any

    CLI refernce guide Comware, Aruba , Cisco 

    http://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c04793912-4.pdf 



  • 3.  RE: Cisco Extended ACL on Aruba ACL

    Posted Jun 08, 2020 08:21 AM

    It worked with my below commands.

    # ip routing

    # ip access-list extended ACCESS

    permit ip 172.16.4.224 0.0.0.0 10.0.0.0 0.0.0.255

    deny ip host 172.16.4.158 host 192.168.90.100

    deny ip 172.16.4.0 0.0.1.255 host 10.0.0.7

    permit ip 172.16.4.0 0.0.1.255 any

    # vlan id_num

    ip access-group ACCESS in

     

     



Related Content