Configuring The Demand Interface - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Configuring Backup WAN Connections
Configuring Demand Routing for Backup Connections
3-20
When you enter wildcard bits, you use a zero to indicate that the Secure Router
OS should match the corresponding bit in the IP address. You use a one to
indicate that the Secure Router OS can ignore the corresponding bit in the IP
address. In other words, the Secure Router OS does not have to match that bit.
For example, you might enter:
ProCurve(config-ext-nacl)# deny ip any 192.115.1.0 0.0.0.255
If you enter 192.115.1.0 with the wildcard bits 0.0.0.255, the Secure Router
OS will not match any address bits in the fourth octet of the IP address. The
Secure Router OS will match incoming packets to the IP subnet with the
address 192.115.1.0 /24. (For more information about configuring ACLs, see
Chapter 5: Applying Access Control to Router Interfaces.)
Examples. For example, if you want any traffic to the far-end network
192.168.115.0 /24 to trigger the dial-up connection, you would enter:
ProCurve(config-ext-nacl)# permit ip any 192.168.115.0 0.0.0.255
If you want any outbound traffic from a particular network segment to trigger
a dial-up connection, use wildcard bits to specify that network as the source.
For example, enter:
ProCurve(config-ext-nacl)# permit ip 192.168.1.0 0.0.0.255 any
Implicit "Deny Any" for ACL. Each ACL includes an implicit "deny any"
entry at the end of the list. If a packet does not match any entry in the ACL
you create, it matches the implicit "deny any" entry.
After you have finished creating the ACL, enter exit to return to the global
configuration mode context.
After you create the ACL, you must apply it to the demand interface. In fact,
the ACL will have no effect until you apply it to the demand interface.
Configuring the Demand Interface
You must create a demand interface for each router to which the ProCurve
Secure Router will connect through a dial-up connection. The demand inter-
face provides the Data Link Layer for the physical dial-up interface.
Like other logical interfaces such as Frame Relay or PPP, the demand interface
controls the logical functions for the WAN connection. In many ways, you
configure the demand interface as you do any other logical interface. For
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the 7102dl - ProCurve Secure Router and is the answer not in the manual?
Questions and answers