R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Item Descri

tion

Destination IP Address

Configure a destination address resource for the rule by creating an

address resource or referencing an existing address resource.

• If you select the New IP Address option, specify an IP address and

wildcard. After you apply the configuration, the system will

automatically create a subnet address resource. For example, if you

enter 1.1.1.1/0.0.0.255, a subnet address resource is created with the

resource name being 1.1.1.1/0.0.0.255.

• If you select the Destination IP Address option, you can choose an

existing address resource from the drop-down list or click Multiple to

select more. The available address resources are configured in the

page brought up by selecting Resource > Address. For more

information, see the chapter "Address resource configuration."

Service

Select a service resource for the rule.

You can choose one service resource from the drop-down list or click

Multiple to select more. The available service resources are configured in

the page you enter by selecting Resource > Service. For more information,

see the chapter "Service resource configuration."

Filter Action

Select the operation to be performed for packets matching the rule.

• Permit: Allows packets matching the rule to pass.

• Deny: Drops packets matching the rule.

Time Range

Select a time range resource for the rule.

Available time range resources are those that have been configured on

the page you enter by selecting Resource > Time Range. For more

information, see the chapter “Time range resource configuration.”

IMPORTANT:

If the selected time range resource includes the current time, the time range

is displayed as "Active" in the list of interzone policy rules. Otherwise, the

time range is displayed as "Inactive".

Using MAC Address

Specify whether to enable MAC address filtering.

With this checkbox selected, the source and destination MAC address

can be configured.

Source Mac Address

Specify the source and destination MAC addresses.

• Type a new MAC address in the text box. The new MAC address will

be a MAC address resource after you apply your configuration and the

MAC address name is the MAC address.

• You can also select from the MAC address (group) resource list or click

Multiple to select more MAC addresses (groups). Available MAC

address (group) resources are configured on the page you enter by

selecting Resource > Address. For more information, see the chapter

"Address resource configuration."

Destination Mac Address

Enable Syslog

Select this check box to enable logging for packets matching the rule.

You can view the recorded logs by selecting Log Report > Report >

Interzone Policy Log.

Enable Select this check box to enable the rule.