Manualshelf

R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
i
Contents
ACL configuration ························································································································································ 1
ACL overview ···································································································································································· 1
IPv4 ACL categories ················································································································································· 1
ACL numbering and naming ··································································································································· 1
Match order ······························································································································································ 1
ACL rule numbering ················································································································································· 2
Fragments filtering with ACLs ·································································································································· 3
ACL acceleration ······················································································································································ 3
Configuring ACL in the web interface ···························································································································· 3
Configuration task list ·············································································································································· 3
Creating an ACL ······················································································································································· 4
Configuring a basic ACL rule ································································································································· 5
Configuring an advance ACL rule ·························································································································· 6
Configuring an Ethernet frame header ACL rule ·································································································· 8
Configuring ACL acceleration ······························································································································ 10
ACL configuration example ·································································································································· 10
Configuring ACL in the CLI ··········································································································································· 11
Configuring a basic ACL ······································································································································ 11
Configuring an advanced ACL ···························································································································· 12
Configuring an Ethernet frame header ACL ······································································································· 13
Copying an ACL ···················································································································································· 14
Enabling ACL acceleration for an IPv4 ACL ······································································································· 14
Displaying and maintaining ACLs ······················································································································· 15
ACL configuration examples ································································································································ 15
Configuration guidelines ··············································································································································· 15
Zone configuration ····················································································································································· 16
Zone overview ································································································································································ 16
Configuring a zone ························································································································································ 17
Configuration task list ··········································································································································· 17
Creating a zone ···················································································································································· 17
Configuring a zone member ································································································································ 18
Zone configuration example ········································································································································· 20
Service management ················································································································································· 23
Overview ········································································································································································· 23
Configuring service management ································································································································ 24
Address resource configuration ································································································································ 26
Address resource overview ··········································································································································· 26
Configuring an address resource ································································································································· 26
Configuring a host address resource ·················································································································· 26
Configuring an address range resource ············································································································· 27
Configuring a subnet address resource ·············································································································· 28
Configuring an IP address group resource ········································································································· 29
Configuring a MAC address resource ················································································································ 30
Configuring a MAC address group resource····································································································· 31
Exporting and importing configuration ··············································································································· 32
Service resource configuration ·································································································································· 34
Service resource overview ············································································································································ 34