Reflexive Traffic; Event Logging - HP 7102dl - ProCurve Secure Router Configuration Manual

ProCurve Secure Router 7000dl Series - Advanced Management and Configuration Guide

ProCurve Secure Router OS Firewall—Protecting the Internal, Trusted Network
Overview

Reflexive Traffic

Reflexive traffic is traffic that is received on an interface and then forwarded
out the same interface. For example, in a multi-netted environment, traffic will
sometimes arrive on and leave by the same Ethernet interface. Figure 4-4
shows an example of such a network. (The interface has a primary and
secondary IP address and routes between the two subnets.) By default, the
Secure Router OS firewall does not process traffic that it immediately forwards
through the interface on which the traffic was received. It assumes that
the traffic is from a trusted source.

[Figure 4-4. Reflexive Traffic (diagram not reproduced; labels include Router 1, Eth 0/1, and Destination: 10.2.2.253 /24)]

If you want the Secure Router OS firewall to process traffic sent from a
primary subnet to a secondary subnet on the same interface, you must enable
the reflexive-traffic check. When you enable this check, the Secure Router OS
firewall will screen reflexive traffic for attacks. (It will also apply any ACPs
assigned to the interface.)
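
The following Python sketch is an added example, not part of the HP manual: it models the multi-netted interface of Figure 4-4 and flags flows that enter and leave by the same interface, which the firewall does not process unless the reflexive-traffic check is enabled. The second interface (eth 0/2, 192.0.2.1/24), the sample flows, and the connected-routes-only lookup are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the multi-netted interface in Figure 4-4: eth 0/1 has a
# primary and a secondary address. "eth 0/2" is a hypothetical second interface.
INTERFACES = {
    "eth 0/1": ["10.1.1.254/24", "10.2.2.254/24"],
    "eth 0/2": ["192.0.2.1/24"],
}

def egress_interface(dst, interfaces=INTERFACES):
    """Longest-prefix match over connected subnets only (no static/dynamic routes)."""
    addr = ipaddress.ip_address(dst)
    best_name, best_len = None, -1
    for name, cidrs in interfaces.items():
        for cidr in cidrs:
            net = ipaddress.ip_interface(cidr).network
            if addr in net and net.prefixlen > best_len:
                best_name, best_len = name, net.prefixlen
    return best_name

def classify(ingress, dst, reflexive_check=False, interfaces=INTERFACES):
    """Return how the firewall treats a packet that arrived on `ingress`."""
    egress = egress_interface(dst, interfaces)
    if egress is None:
        return "no-connected-route"
    if egress != ingress:
        return "inspected"                    # normal inter-interface forwarding
    # Same interface in and out: reflexive traffic.
    return "inspected-reflexive" if reflexive_check else "uninspected-reflexive"

def uninspected_flows(flows, reflexive_check=False):
    """List the (ingress, src, dst) flows that would skip attack checks and ACPs."""
    return [f for f in flows
            if classify(f[0], f[2], reflexive_check) == "uninspected-reflexive"]

# Constructed sample flows: (ingress interface, source, destination).
FLOWS = [
    ("eth 0/1", "10.1.1.1", "10.2.2.253"),    # primary -> secondary subnet (Figure 4-4)
    ("eth 0/1", "10.1.1.1", "192.0.2.10"),    # leaves by a different interface
    ("eth 0/2", "192.0.2.10", "10.2.2.253"),  # enters on eth 0/2, leaves on eth 0/1
]

if __name__ == "__main__":
    for check in (False, True):
        print("reflexive check", "on" if check else "off", "->",
              uninspected_flows(FLOWS, reflexive_check=check))
```

Running the same audit against a real interface list shows which inter-subnet flows rely on the default trust assumption and would only be screened once the reflexive-traffic check is enabled.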

Event Logging

The Secure Router OS firewall automatically logs events that occur on the
router. The firewall can log the events to:
an event-history log on the router
a syslog server
an email address or addresses

[Figure 4-4 labels, continued: Hub; 10.2.2.253; 10.1.1.1 /24; Default gateway: 10.1.1.254; Router 2; Eth 0/1; 10.1.1.254 /24; 10.2.2.254 /24]


This manual is also suitable for:

ProCurve Secure Router 7203dl J8753A
