This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

S Series Inbound Port Policy Deny Subnet

S Series Inbound Port Policy Deny Subnet

Walt_Witkowski
New Contributor II

‎01-10-2020 01:28 PM

We are routing multiple networks with S-Series routers.  Multiple networks inbound on a trunk port from closet switches.  At one point we set policies on the closet switch ports to deny destination ip range access.  EX.  Student Vlan defined port was manually assigned a policy to deny access to certain ip ranges (Employee vlans).  This can be troublesome because of the amount of moves and changes that take place in our environment at the closet level. We would like to do something similar on the S-Series core inbound trunk ports but by vlan definition?    But in this case its a trunk port so we want to deny the student subnet access to the employee range but not all traffic.   .

0 Kudos
1 REPLY 1

Zdeněk_Pala
Extreme Employee

‎01-17-2020 01:32 PM

On S-series you should be able to use source IP mapping to Policy Role:

ed258e41dbad4ceda2d78cd9099ed490_e3d5d857-1411-4bab-b5ce-359c075d4726.png

 

Then in rules you can define your actions…

 

Z.

Regards Zdeněk Pala
0 Kudos
GTM-P2G8KFN