HP 7102dl - ProCurve Secure Router Configuration Manual page 265
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
All of the command options are explained in the sections that follow.
Specifying a Protocol. When you configure extended ACLs, you must spec-
ify a protocol. Valid protocols include:
AH (ahp)
ESP (esp)
GRE (gre)
ICMP (icmp)
IP (ip)
TCP (tcp)
UDP (udp)
You can also specify the number of the protocol. Valid numbers include any
number between 0 and 255.
Defining the Source and Destination Addresses. You must configure
both a source and a destination address for each entry. Table 5-8 shows the
options you have for specifying these addresses.
Table 5-8.
Options for Specifying Source and Destination Addresses
Option
any
host <A.B.C.D>
hostname <hostname>
<A.B.C.D> <wildcard bits>
For example, suppose you want to select all TCP traffic from any source to
any destination and have the Secure Router OS take the action specified in
the ACP entry that you will configure later. Enter:
ProCurve(config-ext-nacl)# permit tcp any any
To exclude traffic from the action that you will later specify in the ACP, create
a deny entry. For example to exclude all ICMP traffic from a specific host,
such as host 192.168.1.1, to any destination, enter:
ProCurve(config-ext-nacl)# deny icmp host 192.168.1.1 any
Applying Access Control to Router Interfaces
Using ACPs to Control Access to Router Interfaces
Meaning
matches all hosts
specifies a single host or a single IP address
specifies a single host, using its hostname rather than its
IP address
specifies a range of IP addresses
5-33
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
