Creating An Extended Acl - HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Selecting the log Option. Include the log option if you want the Secure
Router OS to log a message when these two conditions are met:
debug access-list is enabled for this ACL
a packet matches this ACL
Exit the ACL
After you have finished creating the ACL, enter exit to return to the global
configuration mode context, as shown below:
ProCurve(config-std-nacl)# exit
ProCurve(config)#
Creating an Extended ACL
To create an extended ACL, you enter the following command from the global
configuration mode context:
Syntax: ip access-list extended <listname>
Replace <listname> with an alphanumeric descriptor that is meaningful to
you. The name is case sensitive.
After you enter this command, you are moved to the extended ACL configu-
ration mode context, as shown below:
ProCurve(config-ext-nacl)#
Permit or Deny Traffic. You can now begin to enter permit and deny
entries. The ACL is empty until you add these entries.
To create permit and deny entries for extended ACLs, you use the following
command syntax:
Syntax: [permit | deny] <protocol> <source address> <source port> <destination
address> <destination port> [<packet bits>] [log | log-input]
You must specify a <protocol>, <source address>, and <destination
address>. However, the following are optional:
<source port> for TCP or UDP traffic
<destination port> for TCP or UDP traffic
<packet bits>
[log | log-input]
Applying Access Control to Router Interfaces
Using ACLs Alone to Configure Access Control
5-11
Advertisement
Chapters
Table of Contents
Troubleshooting
