HP 10500 Series Configuration Manual page 259
Security configuration guide
Hide thumbs
Also See for 10500 Series:
- Security configuration manual (596 pages) ,
- Configuration manual (512 pages) ,
- Specifications (42 pages)
Table of Contents
Advertisement
Figure 97 Network diagram
Configuration procedure
# Create VLAN 10, and add port GigabitEthernet 1/0/2 to VLAN 10.
<DeviceB> system-view
[DeviceB] vlan 10
[DeviceB-vlan10] port gigabitethernet 1/0/2
[DeviceB-vlan10] quit
# Create VLAN 20, and add port GigabitEthernet 1/0/3 to VLAN 20.
[DeviceB] vlan 20
[DeviceB-vlan20] port gigabitethernet 1/0/3
[DeviceB-vlan20] quit
# Configure the link type of GigabitEthernet 1/0/1 as trunk, and permit packets of VLAN 10 and VLAN
20 to pass the port.
[DeviceB] interface gigabitethernet 1/0/1
[DeviceB-GigabitEthernet1/0/1] port link-type trunk
[DeviceB-GigabitEthernet1/0/1] port trunk permit vlan 10 20
[DeviceB-GigabitEthernet1/0/1] quit
# Enable IPv4 source guard on GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3.
[DeviceB] interface gigabitethernet 1/0/2
[DeviceB-GigabitEthernet1/0/2] ip verify source ip-address mac-address
[DeviceB-GigabitEthernet1/0/2] quit
[DeviceB] interface gigabitethernet 1/0/3
[DeviceB-GigabitEthernet1/0/3] ip verify source ip-address mac-address
[DeviceB-GigabitEthernet1/0/3] quit
# Configure global static IP binding entries to prevent attack packets that exploit the IP address or MAC
address of Host A and Host B from being forwarded.
[DeviceB] ip source binding ip-address 192.168.0.2 mac-address 0001-0203-0406
[DeviceB] ip source binding ip-address 192.168.1.2 mac-address 0001-0203-0407
249
Advertisement
Table of Contents
Troubleshooting
