Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
11121314151617181920
4
Enable ACL acceleration in an ACL after you have finished editing ACL rules. ACL acceleration always
uses ACL criteria that have been set before it is enabled for rule matching. It does not synchronize with
any subsequent match criterion changes.
Configuring an ACL in the Web interface
Configuration task list
Table 2 ACL configuration task list
Task Remarks
Creating an ACL
Required.
The category of the created ACL depends on the ACL number that
you specify.
Configuring a basic ACL rule Required.
Complete one of the three tasks according to the ACL category.
IMPORTANT:
Within an ACL, the permit or deny statement of each rule must
be unique. If the ACL rule you are creating or editing has the
same deny or permit statement as another rule in the ACL, your
creation or editing attempt will fail.
You can edit ACL rules only when the match order is config.
Configuring an advance ACL rule
Configuring an Ethernet frame header
ACL rule
Configuring ACL acceleration
Optional.
Necessary only when the ACL contains a large number of ACL
rules.
IMPORTANT:
Only IPv4 basic ACLs and IPv4 advanced ACLs support ACL
acceleration.
ACL acceleration is not available for ACLs that contain a
non-contiguous wildcard mask, for example, 0.255.0.255.
After you modify an IPv4 ACL with ACL acceleration enabled,
disable and re-enable ACL acceleration to guarantee correct
rule matching.
Creating an ACL
After you select Firewall > ACL from the navigation tree, all existing ACLs will be displayed in the right
pane, as shown in Figure 1. C
lick Add to enter the ACL configuration page, as shown in Figure 2.