R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

To do… Use the command… Remarks

Set the rule numbering step step step-value

Optional

5 by default.

Create or edit a rule

rule [ rule-id ] { deny | permit }

[ counting | fragment | logging

| source { sour-addr

sour-wildcard | any } |

time-range time-range-name ] *

Required

By default, an IPv4 basic ACL does not

contain any rule.

Add or edit a rule comment

rule rule-id comment text

Optional

By default, an IPv4 ACL rule has no rule

description.

Configuring an IPv4 advanced ACL

IPv4 advanced ACLs match packets based on source IP addresses, destination IP addresses, packet

priorities, protocols over IP, and other protocol header information, such as TCP/UDP source and

destination port numbers, TCP flags, ICMP message types, and ICMP message codes.

Compared to IPv4 basic ACLs, IPv4 advanced ACLs allow more flexible and accurate filtering.

Follow these steps to configure an IPv4 advanced ACL:

To do… Use the command… Remarks

Enter system view

system-view ––

Create an IPv4

advanced ACL and

enter its view

acl number acl-number [ name

acl-name ] [ match-order { auto |

config } ]

Required

By default, no ACL exists.

IPv4 advanced ACLs are numbered in

the range 3000 to 3999.

You can use the acl name acl-name

command to enter the view of a named

IPv4 ACL.

Configure a description

for the IPv4 advanced

ACL

description text

Optional

By default, an IPv4 advanced ACL has

no ACL description.

Set the rule numbering

step

step step-value

Optional

5 by default.