How to create ACLs / access lists on HPE Aruba ArubaOS switches
I created an ACL on the HPE Aruba 2930M switch to restrict access for a guest network. The guest network was prevented from accessing any internal network address ranges, but users were still allowed to browse the internet.
The guest network IP address range is 192.168.0.0/23.
First, create the ACL:
ip access-list extended "GUEST-ACL"
   10 permit ip 192.168.0.0 0.0.1.255 192.168.0.0 0.0.1.255
   20 deny ip 192.168.0.0 0.0.1.255 10.0.0.0 0.255.255.255 log
   30 deny ip 192.168.0.0 0.0.1.255 172.16.0.0 0.15.255.255 log
   40 deny ip 192.168.0.0 0.0.1.255 192.168.0.0 0.0.255.255 log
   50 permit ip 192.168.0.0 0.0.1.255 0.0.0.0 255.255.255.255 log
   exit
Basically,
Then apply the ACL to the VLAN interface:
vlan 10
   name "Guest Network"
   ip access-group "GUEST-ACL" in
   ip address 192.168.0.1 255.255.254.0
   exit
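To check the rule order before applying it, the following added example (not part of the original post, and not HPE code) evaluates the ACL entries above against sample flows using wildcard-mask matching, first-match-wins ordering and the implicit deny at the end of the list. The function names and the sample addresses are constructed for illustration; it only models `ip` entries and ignores the `log` keyword.

```python
import ipaddress

# The ACL entries from the page, copied verbatim.
GUEST_ACL = """\
10 permit ip 192.168.0.0 0.0.1.255 192.168.0.0 0.0.1.255
20 deny ip 192.168.0.0 0.0.1.255 10.0.0.0 0.255.255.255 log
30 deny ip 192.168.0.0 0.0.1.255 172.16.0.0 0.15.255.255 log
40 deny ip 192.168.0.0 0.0.1.255 192.168.0.0 0.0.255.255 log
50 permit ip 192.168.0.0 0.0.1.255 0.0.0.0 255.255.255.255 log
"""

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_acl(text):
    """Return (seq, action, src, src_wild, dst, dst_wild) tuples in sequence order."""
    entries = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 7 or f[2] != "ip":
            continue  # this sketch only handles 'ip' entries
        entries.append((int(f[0]), f[1], *map(to_int, f[3:7])))
    return sorted(entries)

def wild_match(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; all other bits must equal the base.
    care = ~wildcard & 0xFFFFFFFF
    return (addr & care) == (base & care)

def evaluate(entries, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = to_int(src), to_int(dst)
    for seq, action, sb, sw, db, dw in entries:
        if wild_match(s, sb, sw) and wild_match(d, db, dw):
            return action, seq
    return "deny", None

ACL = parse_acl(GUEST_ACL)

if __name__ == "__main__":
    # Constructed sample flows, not captured traffic.
    for src, dst in [("192.168.1.20", "192.168.0.1"), ("192.168.0.50", "10.1.2.3"),
                     ("192.168.0.50", "172.31.255.1"), ("192.168.0.50", "172.32.0.1"),
                     ("192.168.0.50", "192.168.2.10"), ("192.168.0.50", "8.8.8.8"),
                     ("192.168.2.10", "8.8.8.8")]:
        print(f"{src} -> {dst}: {evaluate(ACL, src, dst)}")
```

The 172.32.0.1 case sits just outside 172.16.0.0/12 and is permitted by entry 50, and the last flow shows that a source outside 192.168.0.0/23 matches no entry and hits the implicit deny.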