F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Enabling the share attribute of a security zone ·································································································· 39

Adding interfaces to a security zone ·················································································································· 39

Creating an interzone instance ···························································································································· 39

Security zone configuration example ·························································································································· 40

Managing services ····················································································································································· 42

Service management configuration examples ············································································································ 44

HTTP configuration example ········································································································································· 44

HTTPS configuration example ······································································································································· 47

Configuring address resources ································································································································· 52

Address resource overview ··········································································································································· 52

Configuring address resources in the Web interface ································································································ 52

Configuring IP address resources ························································································································ 52

Configuring an IP address group resource ········································································································· 56

Configuring a MAC address resource ················································································································ 57

Configuring a MAC address group resource····································································································· 58

Exporting and importing configuration ··············································································································· 60

Configuring address resources at the CLI ···················································································································· 61

Configuring an IP address object ························································································································ 61

Configuring an IP address group object ············································································································· 63

Configuring a MAC address object ···················································································································· 63

Configuring a MAC address group object ········································································································· 64

Displaying and maintaining objects ···················································································································· 64

Configuring service resources ··································································································································· 66

Overview ········································································································································································· 66

Configuring the service resources in the Web interface ···························································································· 66

Displaying default service resources ··················································································································· 66

Configuring a customized service resource········································································································ 67

Configuring a service group resource ················································································································ 69

Exporting and importing the configurations ······································································································· 70

Configuring the service resource at the CLI ················································································································· 71

Configuring a service object ································································································································ 71

Configuring a service group object ····················································································································· 72

Displaying and maintaining objects ···················································································································· 72

Configuring a time range resource ··························································································································· 73

Configuration guidelines ··············································································································································· 73

Configuring a time range resource in the Web interface ························································································· 73

Configuring a time range at the CLI ···························································································································· 74

Configuring an interzone policy ······························································································································· 76

Feature and hardware compatibility ···························································································································· 76

Interzone policy rule ·············································································································································· 76

Interzone policy group ·········································································································································· 77

Configuring the interzone policy rules in the Web interface ···················································································· 77

Configuring an interzone policy rule ·················································································································· 77

Configuring an interzone policy group ·············································································································· 82

Exporting and importing configurations ············································································································· 87

Displaying packet statistics of an interzone policy ···························································································· 88

Interzone policy configuration example·············································································································· 88

Configuring the interzone policy rules at the CLI········································································································ 95

Interzone policy rule configuration task list ········································································································ 95

Configuring the interzone policy group ·············································································································· 99