HP 7102dl - ProCurve Secure Router Configuration Manual page 260
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Applying Access Control to Router Interfaces
Using ACPs to Control Access to Router Interfaces
5-28
A standard ACL matches only one packet pattern: the source IP address. An
extended ACL matches more complex packet patterns:
source and a destination address
most fields in the IP, TCP, and UDP header, including IP protocol and TCP
or UDP source or destination port
You should create a standard ACL if you want to select traffic based only on
the source IP address. (See Figure 5-6.) If you want to select traffic based on
other fields in the IP, TCP, or UDP header or if you want the firewall to filter
traffic based on the destination IP address of traffic, you must create an
extended ACL. (See Figure 5-7.)
Server
Server
Core Switch
Edge Switch
LAN
LAN
Figure 5-6. With Standard ACLs, the ProCurve Secure Router Checks Only the
Source Address
Router
Is this source address
permitted or denied?
Edge Switch
LAN
LAN
Internet
User
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
