Manualshelf

R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
11121314151617181920
11
Configuration procedure
1.
Create a time range for office hours
# Create a periodic time range from 8:00 to 18:00 on working days.
Select Resource > Time Range from the navigation tree and then click Add.
Type worktime in the Name text box.
Select the Periodic Time Range check box.
Set the start time to 8:00.
Set the end time to 18:00.
Select the Mon., Tues., Wed., Thurs., and Fri. check boxes.
Click Apply.
2.
Define an ACL to control access to the salary server
# Create an advanced ACL.
Select Firewall > ACL from the navigation tree, and then click Add.
Type the ACL number 3000.
Select the match order Config.
Click Apply.
# Create a rule to deny access from all departments to the salary server during the time range.
From the ACL list, select ACL 3000 and click the corresponding icon in the Operation column.
Then, click Add to enter the ACL rule configuration page.
Select the Rule ID check box and type 0 in the following text box.
Select Deny from the Operation drop-down box.
Select worktime from the Time Range drop-down box.
Select the Destination IP Address check box and type 10 .1.1.1 and 0.0.0.0 respectively in the
following text boxes.
Click Apply.
Configuring ACL in the CLI
Item Descri
p
tion
Configuring a basic ACL
Required
Configure at least one task.
Configuring an advanced ACL
Configuring an Ethernet frame header ACL
Copying an ACL Optional
Enabling ACL acceleration for an IPv4 ACL Optional
Configuring a basic ACL
IPv4 basic ACLs match packets based only on source IP addresses.
Follow these steps to configure an IPv4 basic ACL: