Displaying And Maintaining Aspf - HPE FlexNetwork MSR Series Configuration Manual

Step
970. Enable the device to send
ICMP error messages for
packet dropping by security
policies applied to zone
pairs.

Displaying and maintaining ASPF

Execute display commands in any view and reset commands in user view.
Task
Display the configuration of all ASPF policies
and their applications.
Display ASPF
interfaces.
Display the configuration of an ASPF policy.
Display ASPF sessions (centralized devices
in standalone mode).
Display ASPF sessions (distributed devices
in standalone mode/centralized devices in
IRF mode).
Display ASPF sessions (distributed devices
in IRF mode).
Clear ASPF session statistics (centralized
devices in standalone mode).
Clear ASPF session statistics (distributed
devices in
devices in IRF mode).
Clear ASPF session statistics (distributed
devices in IRF mode).
ASPF configuration examples
ASPF FTP application inspection configuration example
Network requirements
Configure an ASPF policy on Router A to inspect the FTP traffic flows passing through Router A.
Only return packets for FTP connections initiated by users on the internal network are permitted to
pass through Router A and get into the internal network. All other types of packets from the external
network to the internal network are blocked.
Command
aspf icmp-error reply
policy applications
standalone mode/centralized
Command
display aspf all
on
display aspf interface
display aspf policy { aspf-policy-number | default }
display aspf session [ ipv4 | ipv6 ] [ verbose ]
display aspf session [ ipv4 | ipv6 ] [ slot slot-number ]
[ verbose ]
display aspf session [ ipv4 | ipv6 ] [ chassis
chassis-number slot slot-number ] [ verbose ]
reset aspf session [ ipv4 | ipv6 ]
reset aspf session [ ipv4 | ipv6 ] [ slot slot-number ]
reset aspf session [ ipv4 | ipv6 ] [ chassis
chassis-number slot slot-number ]
520
Remarks
By default, the device does not
send ICMP error messages when
the device drops packets that do
not match security
applied to zone pairs.
policies