+ Post New Thread
Results 1 to 6 of 6
Wireless Networks Thread, Blocking TCP/IP Ports with ProCurve Manager in Technical; Morning all We have just upgraded our network with a HP 5406ZL as our Core switch with edge switches consisting ...
  1. #1

    Join Date
    Apr 2008
    Posts
    405
    Thank Post
    22
    Thanked 13 Times in 10 Posts
    Rep Power
    15

    Blocking TCP/IP Ports with ProCurve Manager

    Morning all

    We have just upgraded our network with a HP 5406ZL as our Core switch with edge switches consisting of the 2510 and 2520 range. We were told when we ordered all of the kit that the switches and ProCurve Manager would allow us to block certain ports from being used, e.g the ports that iTunes uses.

    We have been told by someone from the same company that you can't limit the ports in this way and we can't find the options because we have a severe lacks of knowledge with ProCurve Manager.


    Could anyone shine some light on this?


    Thanks

  2. #2
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,432
    Thank Post
    10
    Thanked 488 Times in 428 Posts
    Rep Power
    111
    I have ProCurve Manager 2 and have no idea where you would do this.

    I do know that you can use switch ACLs between VLANs to restrict what traffic is allowed in and out. You must have VLANs though, as the traffic will just pass through the switch as normal if the devices are on the same vlan.

    I use several ACLs between vlans here on a 5412 to restrict client access to servers etc.

  3. #3

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,652
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    I don't think you can do this as a blanket blockage. We have the same switch and there aren't any settings like that anywhere. As DMcCoy says, the only thing you can do is use ACLs between VLANs to block things.

    You could do that in this case - stick the router to the internet on a vlan and everything else on another, then put an ACL in between with that port disallowed.

  4. #4

    Join Date
    Apr 2008
    Posts
    405
    Thank Post
    22
    Thanked 13 Times in 10 Posts
    Rep Power
    15
    Thanks for the responses guys, we are running different VLANs but the switches we particularly want to block iTunes on are set to one VLAN and we wanted to block the ports within that switch, otherwise they can still share etc between same switch users.

  5. #5

    Join Date
    Nov 2009
    Location
    Swansea
    Posts
    8
    Thank Post
    0
    Thanked 5 Times in 3 Posts
    Rep Power
    0
    Reaper - I suspect you won't be able to do this. You could put the ACL on the Layer 3 VLAN Interface on the HP5406zl, butthat wouldn't stop any traffic within the VLAN/subnet (only stuff outside of that which needs to go via the default gateway). You might be able to do private VLAN's which involve only allowing hosts to talk to the default gateway (probably the edge switches would need to support this) - but this might break other stuff?

    I've seen some Enterasys switches that support Layer3-4 filtering @ Layer2 (but this an additional feature and the switches cost a bit more than your standard managed switch)

  6. #6

    Join Date
    May 2009
    Location
    Sheffield
    Posts
    34
    Thank Post
    0
    Thanked 6 Times in 6 Posts
    Rep Power
    14
    To do what you want you'd probably need the Identity Driven Manager plugin for PCM (HP ProCurve Identity Driven Manager 3.0 J9438A, J9440A, J9439A) and a higher spec switch than the 2510s. Better to confirm with HP though....

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 0
    Last Post: 6th November 2009, 08:10 PM
  2. Exams software, TCP Ports issue
    By cookie_monster in forum Windows
    Replies: 4
    Last Post: 13th May 2009, 12:38 PM
  3. Blocking ports like french fishermen
    By SSFC in forum Internet Related/Filtering/Firewall
    Replies: 6
    Last Post: 11th May 2009, 04:31 PM
  4. HP Procurve Network Manager Software
    By wellscs in forum Wireless Networks
    Replies: 0
    Last Post: 15th April 2009, 02:37 PM
  5. Starting TCP/IP on XP
    By MrsGrinch in forum Network and Classroom Management
    Replies: 3
    Last Post: 26th March 2008, 04:24 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •