Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
281282283284285286287288289290
261
Configuration procedure
1. Configure the switch:
# Add GigabitEthernet 0/3, GigabitEthernet 0/1, and GigabitEthernet 0/2 to VLAN 2.
Configure port isolation for Host A and Host B.
<Switch> system-view
[Switch] port-isolate group 2
[Switch] vlan 2
[Switch-vlan2] port gigabitethernet 0/3
[Switch-vlan2] port gigabitethernet 0/1
[Switch-vlan2] port gigabitethernet 0/2
[Switch-vlan2] quit
[Switch] interface gigabitethernet 0/3
[Switch-GigabitEthernet0/3] port-isolate enable group 2
[Switch-GigabitEthernet0/3] interface gigabitethernet 0/1
[Switch-GigabitEthernet0/1] port-isolate enable group 2
[Switch-GigabitEthernet0/1] interface gigabitethernet 0/2
[Switch-GigabitEthernet0/2] port-isolate uplink-port group 2
2. Configure the firewall:
# Specify the IP address of GigabitEthernet 0/2.
<Firewall> system-view
[Firewall] interface gigabitethernet 0/2
[Firewall-GigabitEthernet0/2] ip address 192.168.10.100 255.255.0.0
The ping operation from Host A to Host B is unsuccessful because they are isolated at Layer 2 and
Layer 3.
# Configure local proxy ARP to allow communication between Host A and Host B at Layer 3.
[Firewall-GigabitEthernet0/2] local-proxy-arp enable
The ping operation from Host A to Host B is successful after the configuration.