HP ProCurve 2910al Access Security Manual page 355
Hide thumbs
Also See for ProCurve 2910al:
- Configuration manual (194 pages) ,
- Manual (126 pages) ,
- Installation and getting started manual (114 pages)
Table of Contents
Advertisement
If the ACL does not already exist, this command creates the
specified ACL and its first ACE. If the ACL already exists,
the new ACE is appended to the end of the configured list of
explicit ACEs. In the default configuration, the ACEs in an
ACL will automatically be assigned consecutive sequence
numbers in increments of 10 and can be renumbered with
resequence (page 9-80).
Note: To insert a new ACE between two existing ACEs in
an extended, numbered ACL:
a. Use ip access list extended < 100 - 199 > to open the
ACL as a named ACL.
b. Enter the desired sequence number along with the
ACE statement you want.
(Refer to the "Numbered ACLs" list item on page 9-42.)
For a match to occur, a packet must have the source and
destination addressing criteria specified in the ACE, as
well as:
• the protocol-specific criteria configured in the ACE,
including any included, optional elements (described
later in this section)
• any (optional) precedence and/or ToS settings
configured in the ACE
< 100-199 >
Specifies the ACL ID number. The switch interprets a
numeric ACL with a value in this range as an extended
ACL.
< deny | permit >
Specifies whether to deny (drop) or permit (forward) a packet
that matches the criteria specified in the ACE, as described
below.
IPv4 Access Control Lists (ACLs)
Configuring Extended ACLs
9-67
Hide quick links:
Advertisement
Table of Contents
