R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

171

172

173

174

175

176

177

178

179

180

172

NOTE:

For more information about basic and advance ACL configuration, see

Security Configuration Guide

Follow these steps to specify the persistent session ACL:

To do... Use the command...

Remarks

Enter system view system-view —

Specify the persistent session ACL

session persist acl acl-number

[ aging-time time-value ]

Required

Not specified by default

NOTE:

There can be only one persistent session ACL.

Clearing sessions manually

Follow the step below to clear sessions manually:

To do... Use the command...

Remarks

Clear sessions

reset session [ vd-name vd-name ] [ source-ip source-ip ]

[ destination-ip destination-ip ] [ protocol-type protocol-type ]

[ source-port source-port ] [ destination-port destination-port ]

[ vpn-instance vpn-instance-name ]

Required

Available in user

view

Configuring session logging

Session logs are used to track information about user access, IP address translation, and traffic, and can

be sent to the log server in a specific format. It can help network administrators in security auditing.

Configuring session log export

Session logs are exported in the form of flow logs.

Follow these steps to configure session log exporting:

To do… Use the command…

Remarks

Enter system view system-view —

Specify the flow log version userlog flow export version version-number

Optional

1.0 by default

Specify the source IP address

for UDP packets carrying

flow logs

userlog flow export source-ip ip-address

Optional

IP address of the interface

sending UDP packets by default

Specify the IP address and

UDP port number of the flow

log server

userlog flow export host ip-address udp-port

Required

Not specified by default