Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Bras + ACL

Bras + ACL

Created: Jul 20, 2020 14:40:50Latest reply: Jul 24, 2020 08:11:24 498 6 0 0 0
  HiCoins as reward: 5 (problem unresolved)
View the author 1#

Hello,


What is the best way to block Bogon IP-Adresses for authenticated PPPoE-Users on a Ne40-M2k. I want to block it as close as possible at the entry interface of the PPPoE-User. Is it possible to do in the global interface of a Subinterface which is configured as BRAS?


Best Regards



Like (0) Dislike (0) Favorite(0) Share Report
Previous: A2A VPN
Next: Traffic Shaping on Huawei NE40 Sub interface
Featured Answers

Recommended answer

(0) (0)
chenhui
Admin Created Jul 20, 2020 15:13:14

Hi,
Kindly refer to the link below to configure the access control.
https://support.huawei.com/hedex/hdx.do?docid=EDOC1100075471&id=dc_ne_ipox_cfg_0007_2&lang=en
View more
  • x
  • convention:

semphis
semphis Created Jul 20, 2020 15:21:31 (0) (0)
thank you for you answers.
@chenhui I was reading the documentary and stepped over your link too. This is my problem, I can not block Bogon-IPs with a mac-acl.

otherwise I have to check for bogon networks on the interfaces which has the outgoing connection to the internet, which takes more resources cause the packet goes from the bras interface to the outgoing interface. If I can block it somehow in the bras-interface then it saves resources.  
All Answers
(0) (0)
2#
BetterMing
BetterMing Created Jul 20, 2020 14:41:59

Hello, semphis.
It's nice to meet you in the community.
We're working on your problem. Please be patient.
View more
  • x
  • convention:
(0) (0)
3#
chenhui
chenhui Admin Created Jul 20, 2020 15:13:14

Hi,
Kindly refer to the link below to configure the access control.
https://support.huawei.com/hedex/hdx.do?docid=EDOC1100075471&id=dc_ne_ipox_cfg_0007_2&lang=en
View more
  • x
  • convention:

semphis
semphis Created Jul 20, 2020 15:21:31 (0) (0)
thank you for you answers.
@chenhui I was reading the documentary and stepped over your link too. This is my problem, I can not block Bogon-IPs with a mac-acl.

otherwise I have to check for bogon networks on the interfaces which has the outgoing connection to the internet, which takes more resources cause the packet goes from the bras interface to the outgoing interface. If I can block it somehow in the bras-interface then it saves resources.  
(0) (0)
4#
chenhui
chenhui Admin Created Jul 21, 2020 05:09:09

Hello semphis,
What you mean you cannot filter the Bogon-IPs MAC on the BRAS interface, you did that but failed or such configuration is allowed? Is there any error logs or wrong configuration?

View more
  • x
  • convention:
(0) (0)
5#
semphis
semphis Created Jul 24, 2020 08:11:24

@chenhui
I wanted to say that it is not possible to block Bogon-IPs by using a Mac-Filtered-ACL. It would be possible if I were able to put an extened ACL on the BAS interface or Virtuell Template so those IPs get blocked or denied
View more
  • x
  • convention:

chenhui
chenhui Created Jul 28, 2020 01:13:49 (0) (0)
You mean you did that but failed?  
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.