Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
27
Item Descri
p
tion
Type of Check Set the URPF check type, Strict or Loose.
URPF configuration example
CAUTION:
In this configuration example, either Device A or Device B is the firewall.
Network requirements
As shown in Figure 30, Device A directly connects to Device B. Enable strict URPF check in zoneB of
Device B to allow packets whose source addresses match ACL 2010 to pass. Enable strict URPF check in
zoneA of Device A to allow use of the default route for URPF check.
Figure 30 Network diagram
Configuring Device B
# Configure the interface IP addresses and security zones they belong to. (Details not shown.)
# Define ACL 2010 to permit traffic from network 10.1.1.0/24 to pass.
Select Firewall > ACL from the navigation tree, click Add, and then perform the following operations,
as shown in Figure 31.
Figure 31 De
fining ACL 2010
Enter 2010 in ACL Number.
Select Config for Match Order.
Click Apply.
On the ACL list page, click corresponding to ACL 2010, click Add, and then perform the
following operations, as shown in Figure 32.