Solved

blocking port 22 to a server on a procurve 5412zl switch

Posted on 2008-10-16
Last Modified: 2012-05-05
I have an HP ProCurve 5412zl switch and I'm wanting to block access to TCP port #22 for all subnets but 10.1.1.0, but I'm having no luck. I've been trying an extended access control list but I can only seem to block the port going out from the server. I'm needing to block port access into the server.

Can I block ports this way and how do I do this?
Question by:shook1981
4 Comments
 
LVL 8

Expert Comment

by:MrJemson
ID: 22738025
Would probably be easier to configure the firewall on the server for this purpose.
What kind of box are you using? Is iptables installed? Running?
0
 

Author Comment

by:shook1981
ID: 22740546
I have my reasons why I want to know how/if the switch can do this. I know how to block outgoing traffic, just not the incoming.
0
 
LVL 4

Accepted Solution

by:
Adraenyse earned 500 total points
ID: 24445936
Blocking inbound ports requires that you filter the source port to be larger than 1023 and the destination as 22. The source port will not be 22.

Your better bet is to write the ACL so that it accepts >1023 as source and 22 as destination where the source IP is 10.1.1.0 and then deny all other sources.
0
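
As an added example (not part of the original answer, and not ProCurve configuration syntax), this Python model of first-match ACL evaluation applies the rule order from the accepted answer to constructed packets, next to a rule that matches 22 as the source port. Assumptions: 10.1.1.0 is a /24, the server address 10.9.9.10 is a placeholder, and a trailing permit lets non-SSH traffic through.

```python
# Added illustration: first-match ACL evaluation (not switch syntax).
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional, Tuple

ANY = ip_network("0.0.0.0/0")
SERVER = ip_network("10.9.9.10/32")   # placeholder server address (assumption)
ADMIN = ip_network("10.1.1.0/24")     # /24 mask is an assumption

@dataclass(frozen=True)
class Rule:
    action: str                                # "permit" or "deny"
    src: IPv4Network
    dst: IPv4Network
    sport: Optional[Tuple[int, int]] = None    # inclusive range, None = any
    dport: Optional[Tuple[int, int]] = None

def _port_ok(rng, port):
    return rng is None or rng[0] <= port <= rng[1]

def evaluate(acl, src, sport, dst, dport):
    """Return the action of the first rule that matches a TCP packet."""
    for r in acl:
        if (ip_address(src) in r.src and ip_address(dst) in r.dst
                and _port_ok(r.sport, sport) and _port_ok(r.dport, dport)):
            return r.action
    return "deny"                              # implicit deny ends every ACL

# Rule order from the accepted answer, plus a final permit for other traffic.
SSH_IN = [
    Rule("permit", ADMIN, SERVER, sport=(1024, 65535), dport=(22, 22)),
    Rule("deny", ANY, SERVER, dport=(22, 22)),
    Rule("permit", ANY, ANY),
]
# A rule matching 22 as the *source* port: it only ever sees server replies.
SRC_PORT_22 = [Rule("deny", ANY, ANY, sport=(22, 22)), Rule("permit", ANY, ANY)]

# Constructed sample packets: (src, sport, dst, dport)
ADMIN_SYN = ("10.1.1.50", 51000, "10.9.9.10", 22)
OTHER_SYN = ("10.3.3.7", 51000, "10.9.9.10", 22)
SERVER_REPLY = ("10.9.9.10", 22, "10.3.3.7", 51000)

if __name__ == "__main__":
    for name, pkt in [("admin", ADMIN_SYN), ("other", OTHER_SYN),
                      ("reply", SERVER_REPLY)]:
        print(name, evaluate(SSH_IN, *pkt), evaluate(SRC_PORT_22, *pkt))
```
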


Question has a verified solution.
