Processing Acps - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Applying Access Control to Router Interfaces
Using ACPs to Control Access to Router Interfaces
For example, if you configure an ACP that blocks your Telnet access to the
ProCurve Secure Router, you will lose your ability to manage the router
through a Telnet session and must use another access method to correct your
error. You may have to access the router through a console session.
To prevent this from happening, you can enter the reload command to
schedule the router to reboot after the specified amount of time has elapsed.
From the enable mode context, enter:
Syntax: reload in <mmm>
or
Syntax: reload in <hh:mm>
Replace <mmm> with up to three digits to specify minutes. Replace
<hh:mm> with hours and minutes. For example, you may want to specify 15
minutes. Then, you can configure your ACLs without saving your configura-
tions. Before you apply your ACPs, you enter the reload command. After 15
minutes, the router will reload using the previously saved startup-config file.
If applying your ACPs has made you lose access to the router, you can now
re-access it and re-configure the ACPs correctly.
When you are sure that the ACPs you have applied do not prevent you from
accessing the ProCurve Secure Router, you can save your configurations and
cancel the reload command:
Syntax: reload cancel
N o t e
You can also enable SafeMode to protect your Telnet or Secure Shell (SSH)
session. (Enter safe-mode from the global configuration mode context.)
When in SafeMode, the Secure Router OS periodically asks you to reset a timer.
If you not do so before the timer expires, the Secure Router OS assumes that
you have been locked out of the router and reboots the router. See Chapter 1:
Overview for more information about SafeMode.
Processing ACPs
Both ACLs and ACPs are order dependent. That is, the order of the entries is
important because the Secure Router OS firewall executes the entries one at
a time, from the top of the list to the bottom. The firewall stops processing
entries after it executes an action on a packet, so, even if more than one entry
matches a packet, only the first entry will affect the packet. As a general rule,
you should include the most specific entries at the top of the list and the most
general entries at the end of the list.
5-39
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
