R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Configuring an ACL at the CLI

ACL configuration task list

Complete the following tasks to configure an ACL:

Task Remarks

Configuring a basic ACL Required.

Configure at least one task.

NOTE:

• Within an ACL, the permit or deny statement of each rule

must be unique. If the ACL rule you are creating or editing

has the same deny or permit statement as another rule in the

ACL, your creation or editing attempt will fail.

• You can edit ACL rules only when the match order is config.

Configuring an advanced ACL

Configuring an Ethernet frame header ACL

Copying an ACL

Optional.

Applicable to IPv4 and IPv6.

Enabling ACL acceleration for an IPv4 ACL

Optional.

Configuring a basic ACL

Configuring an IPv4 basic ACL

IPv4 basic ACLs match packets based only on source IP addresses.

To configure an IPv4 basic ACL:

Ste

Command Remarks

1. Enter system view. system-view N/A

2. Create an IPv4 basic ACL

and enter its view.

acl number acl-number [ name

acl-name ] [ match-order { auto |

config } ]

By default, no ACL exists.

IPv4 basic ACLs are numbered in the

range 2000 to 2999.

You can use the acl name acl-name

command to enter the view of a named

IPv4 ACL.

3. Configure a description

for the IPv4 basic ACL.

description text

Optional.

By default, an IPv4 basic ACL has no

ACL description.

4. Set the rule numbering

step.

step step-value

Optional.

5 by default.