Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
571572573574575576577578579580
555
[Firewall-GigabitEthernet0/1] quit
[Firewall] interface gigabitethernet 0/2
[Firewall-GigabitEthernet0/2] ip address 1.1.3.1 255.255.255.0
b. Configure Router B:
# Configure a static route to subnet 10.110.0.0/24.
<RouterB> system-view
[RouterB] ip route-static 10.110.0.0 24 1.1.2.1
# Configure the IP address of the GigabitEthernet interface.
[RouterB] interface gigabitethernet 0/1
[RouterB-GigabitEthernet0/1] ip address 1.1.2.2 255.255.255.0
c. Configure Router A:
# Configure a static route to subnet 10.110.0.0/24.
<RouterA> system-view
[RouterA] ip route-static 10.110.0.0 24 1.1.3.1
# Configure the IP address of the GigabitEthernet interface.
[RouterA] interface gigabitethernet 0/2
[RouterA-GigabitEthernet0/2] ip address 1.1.3.2 255.255.255.0
d. Verify the configuration:
Configure the IP address 10.110.0.20/24 for Host A, and specify its gateway address as
10.110.0.10.
On Host A, Telnet to Router B that is directly connected to Router A. The operation succeeds.
On Host A, Telnet to Router A that is directly connected to Router A. The operation fails.
Ping Router A from Host A. The operation succeeds.
Telnet uses TCP and ping uses ICMP. The preceding results show that all TCP packets received on
GigabitEthernet 0/3 of Firewall are forwarded to the next hop 1.1.2.2, and other packets are
forwarded via GigabitEthernet 0/2. The interface PBR configuration is effective.
Configuring interface PBR based on packet length
1. Network requirements
As shown in Figure 320, configure interf
ace PBR to guide the forwarding of packets received on
GigabitEthernet 0/3 of Firewall as follows:
Forwards packets with a length of 64 to 100 bytes to the next hop 150.1.1.2/24.
Forwards packets with a length of 101 t o 10 0 0 t o t h e n ex t h o p 151.1.1. 2 / 24 .
All other packets are forwarded according to the routing table.