R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101
10
Item Descri
p
tion
Destination MAC Address
Select the Destination MAC Address check box and specify the
destination MAC address and wildcard.
Destination Wildcard
LSAP Type
Select the LSAP Type check box and specify the DSAP and SSAP fields
in the LLC encapsulation by configuring the following two items:
•
LSAP Type—Specifies the encapsulation format.
•
LSAP Wildcard—Specifies the LSAP mask.
LSAP Wildcard
Protocol Type
Select the Protocol Type check box and specify the link layer protocol
by configuring the following two items:
•
Protocol Type—Specifies a protocol type in Ethernet_II and
Ethernet_SNAP frames.
•
Protocol Wildcard—Specifies a protocol type mask
Protocol Wildcard
Return to ACL configuration task list.
Configuring ACL acceleration
Select Firewall > ACL from the navigation tree to enter the page shown in Figure 1. All existing ACLs will
be displayed in the right pane. You can enable or disable ACL acceleration for an ACL through the ACL
Acceleration column:
• indicates that the ACL is not accelerated. You can click the Start Accelerating
link to enable ACL acceleration.
• indicates that the ACL is accelerated. You can click the Stop Accelerating link
to disable ACL acceleration.
• indicates that the ACL has been modified after it was configured with ACL
acceleration. You can click the Start Accelerating link to enable ACL acceleration again, making
changes to the ACL take effect.
Return to ACL configuration task list.
ACL configuration example
Network requirements
A company interconnects its departments through the Firewall. The R&D department connects to the
Firewall through interface GigabitEthernet 0/1.
Configure an ACL to deny access from the R&D department to the salary server during office hours (from
8:00 to 18:00) in working days.
Figure 9 Network diagram for ACL configuration