HP 7102dl - ProCurve Secure Router Configuration Manual page 282
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Applying Access Control to Router Interfaces
Using ACPs to Control Access to Router Interfaces
5-50
When you are using ACLs with ACPs, remember that you must use a permit
entry to both select traffic and to have the Secure Router OS firewall take the
action configured in the ACP. If you want to explicitly deny access to a subnet,
you must create a permit entry in the ACL and then create a discard entry in
the ACP.
Because you want to permit some traffic but deny other traffic, you should
create two different ACLs. Enter:
ProCurve(config)# ip access-list extended Allow
ProCurve(config-ext-nacl)# permit ip 10.1.1.0 0.0.0.3 any
ProCurve(config-ext-nacl)# exit
ProCurve(config)# ip access-list extended Discard
ProCurve(config-ext-nacl)# permit ip 192.168.115.0 0.0.0.255 any
ProCurve(config-ext-nacl)# exit
ProCurve(config)# ip policy-class WAN
ProCurve(config-policy-class)# allow list Allow
ProCurve(config-policy-class)# discard list Discard
ProCurve(config-ext-nacl)# exit
Again, you must use the access-policy command to apply the ACP to the
appropriate WAN interface.
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
