Configuration Examples‎ > ‎HP / HPE‎ > ‎Aruba HPE‎ > ‎

Access lists on HPE Aruba 2930M

How to create ACL's / Access lists on HPE Aruba ArubaOS Switches

I created an ACL on the HPE Aruba 2930M switch to restrict access for a guest network. The guest network was prevented from accessing any internal network address ranges, but allowed users to browse the internet.

The guest network IP address range is

First create the ACL

ip access-list extended "GUEST-ACL"
     10 permit ip
     20 deny ip log
     30 deny ip log
     40 deny ip log
     50 permit ip log

  • Line 10 enables hosts on the subnet to talk to each other. Without this line, traffic will not be able to enter the VLAN.
  • Line 20,30 & 40 restrict access to any internal address spaces (RFC1918)
  • Line 50 permits the network to speak to every other address

Then apply the ACL to the VLAN interface

vlan 10
   name "Guest Network"
   ip access-group "GUEST-ACL" in
   ip address