Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5412R zl2 Switch
451452453454455456457458459460
Protocol filters
This filter type enables the switch to forward or drop, on the basis of protocol type, traffic to a
specific set of destination ports on the switch. Filtered protocol types include:
Appletalk
ARP
IPX
NetBEUI
SNA
Only one filter for a particular protocol type can be configured at any one time. For example, a
separate protocol filter can be configured for each of the protocol types listed above, but only one
of those can be an IP filter. Also, the destination ports for a protocol filter can be on different
VLANs.
You can configure up to seven protocol filters.
Filtering index
The switch automatically assigns each new filter to the lowest-available index (IDX) number. The
index numbers are included in the show filter command described in the next section and are
used with the show filter < index > command to display detailed information about a
specific filter.
If there are no filters currently configured, and you create three filters in succession, they will have
index numbers 1 - 3. However, if you then delete the filter using index number “2” and then
configure two new filters, the first new filter will receive the index number “2” and the second new
filter will receive the index number "4". This is because the index number “2” was made vacant
by the earlier deletion, and was therefore the lowest index number available for the next new filter.
CLI Wizard: Operating notes and restrictions
Once a password has been configured on the switch, you cannot remove it using the CLI
wizard. Passwords can be removed by executing the no password command directly from
the CLI.
When you restrict SNMP access to SNMPv3 only, the options SNMPv2 community name and
access level will not appear.
The wizard displays the first available SNMPv2 community and allows the user to modify the
first community access parameters.
The wizard creates a new SNMP community only when no communities have been configured
on the switch.
The USB Autorun feature is disabled as soon as an operator or manager password is set on
the switch. Once a password has been set, the USB autorun option is no longer provided as
part of the wizard.
454 Traffic/Security Features and Monitors