HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual page 229
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Permit or Deny Traffic. You can now begin to enter permit and deny
entries. The ACL is empty until you add these entries.
To create permit and deny entries for standard ACLs, you use the following
command syntax:
Syntax: [permit | deny] <source address> [log]
To specify the <source address> use the following syntax:
[any | host [<A.B.C.D> | <hostname>] | <A.B.C.D> <wildcard bits>]
Table 5-3 explains the options for specifying the source address.
Table 5-3.
Options for Specifying the Source Address
Option
any
host [<A.B.C.D> | <hostname>]
<A.B.C.D>
<A.B.C.D> <wildcard bits>
For example, if you want to permit all traffic that enters through the Ethernet
interface, you create a permit entry in the ACL:
ProCurve(config-std-nacl)# permit any
You can also permit or deny a specific host:
ProCurve(config-std-nacl)# permit host <A.B.C.D>
ProCurve(config-std-nacl)# deny host <A.B.C.D>
For example, if you want to deny a host with the IP address of 192.168.115.90,
enter:
ProCurve(config-std-nacl)# deny host 192.168.115.90
If you want to permit a host with the hostname user1.procurve.com, enter:
ProCurve(config-std-nacl)# permit hostname user1.procurve.com
You can also omit the host keyword to permit or deny a specific IP address:
ProCurve(config-std-nacl)# permit 192.168.115.80
ProCurve(config-std-nacl)# deny 192.168.115.80
Applying Access Control to Router Interfaces
Using ACLs Alone to Configure Access Control
Meaning
matches all hosts
specifies a single IP address or a single host
specifies a single IP address
specifies a range of IP addresses
5-9
Advertisement
Chapters
Table of Contents
Troubleshooting
