Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
i
Contents
Configuring ACLs ························································································································································· 1
Overview ············································································································································································ 1
ACL categories ························································································································································· 1
ACL numbering and naming ··································································································································· 1
Match order ······························································································································································ 2
ACL rule numbering ················································································································································· 3
Implementing time-based ACL rules ························································································································ 3
Fragments filtering with ACLs ·································································································································· 3
IPv4 ACL acceleration ·············································································································································· 3
Configuring an ACL in the Web interface ····················································································································· 4
Configuration task list ·············································································································································· 4
Creating an ACL ······················································································································································· 4
Configuring a basic ACL rule ································································································································· 5
Configuring an advance ACL rule ·························································································································· 7
Configuring an Ethernet frame header ACL rule ·································································································· 9
Configuring ACL acceleration ······························································································································ 11
ACL configuration example ·································································································································· 11
Configuring an ACL at the CLI ······································································································································ 15
ACL configuration task list ···································································································································· 15
Configuring a basic ACL ······································································································································ 15
Configuring an advanced ACL ···························································································································· 17
Configuring an Ethernet frame header ACL ······································································································· 18
Copying an ACL ···················································································································································· 19
Enabling ACL acceleration for an IPv4 ACL ······································································································· 20
Displaying and maintaining ACLs ······················································································································· 20
ACL configuration example ·································································································································· 21
Configuring security zones ········································································································································ 23
Overview ········································································································································································· 23
Zone configuration task list ·································································································································· 24
Creating a zone ···················································································································································· 24
Configuring a zone member ································································································································ 25
Zone configuration example ········································································································································· 27
Configuring service management ····························································································································· 32
Overview ········································································································································································· 32
Configuring service management ································································································································ 33
Service management configuration examples ············································································································ 34
HTTP configuration example ································································································································ 34
HTTPS configuration example ······························································································································ 38
Configuring address resources ································································································································· 44
Address resource overview ··········································································································································· 44
Configuring an address resource ································································································································· 44
Configuring a host address resource ·················································································································· 44
Configuring an address range resource ············································································································· 45
Configuring a subnet address resource ·············································································································· 47
Configuring an IP address group resource ········································································································· 48
Configuring a MAC address resource ················································································································ 49
Configuring a MAC address group resource····································································································· 50