Configuration Guide for A7000 dl T1 and E1 WAN Interfaces 2005-12
Understanding SROS Queuing Methods Access Policy Action Statements
5991-3823 19
allow list <access list names>
All packets permitted by the access list(s) will be allowed to enter the router system.
allow list <access list names> policy <access policy name>
All packets permitted by the access list(s) and destined for the interface using the access policy listed will
be allowed to enter the router system. This command creates configurations to allow packets to a single
interface and not the entire system.
allow list <access list names> self
All packets permitted by the access list(s) and destined for any local interface on the unit will be allowed to
enter the router system. These packets are terminated by the unit and are not routed or forwarded to other
destinations. This access list can be used for external access to Telnet or the Web GUI.
allow reverse list <access list names>
All packets denied by the access list(s) will be allowed to enter the router system.
allow reverse list <access list names> policy <access policy name>
All packets denied by the access list(s) and destined for the interface using the access policy listed will be
allowed to enter the router system. This command creates configurations to allow packets to a single
interface and not the entire system.
allow reverse list <access list names> self
All packets denied by the access list(s) and destined for any local interface on the unit will be allowed to
enter the router system. These packets are terminated by the unit and are not routed or forwarded to other
destinations. This access list can be used for external access to Telnet or the Web GUI.
discard list <access list names>
All packets permitted by the access list(s) will be dropped from the router system.
discard list <access list names> policy <access policy name>
All packets permitted by the access list(s) and destined for the interface using the access policy listed will
be discarded from the router system. This command creates configurations to discard packets on a
specified interface.
discard list <access list names> self
All packets permitted by the access list(s) and destined for any local interface on the unit will be discarded
from the router system. This command creates configurations to deny external access to the router on a
specified interface.
nat destination list <access list names> address <IP address> port
All packets permitted by the access list(s) will be modified to replace the destination IP address with the
entered IP address. This hides private IP addresses from outside the local network. The overload keyword
is not an option when performing NAT on the destination IP address; each private address must have a
unique public address. This function is known as “one-to-one NAT.” The port keyword takes all packets
and replaces the destination TCP/UDP port with the specified port number. This function is known as “port
forwarding.”
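The allow and discard forms above can be checked offline before a policy is loaded. The following is an added example, not code from this guide or from the vendor: it parses those statement forms (nat destination is left out) and reports which statements apply to a packet. The access list and policy names are made up, the caller supplies each access list's permit/deny verdict, and treating several list names as "any one matches" is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Stmt:
    action: str                    # "allow" or "discard"
    lists: list                    # access list names
    reverse: bool = False          # True for "allow reverse list"
    scope: str = "any"             # "any", "self" or "policy"
    policy: Optional[str] = None   # access policy name when scope == "policy"

def parse(line):
    """Parse one allow/discard statement in the forms listed above."""
    t = line.split()
    k = 2 if t[:2] == ["allow", "reverse"] else 1   # index of the "list" keyword
    if t[:1] not in (["allow"], ["discard"]) or t[k:k + 1] != ["list"]:
        raise ValueError(f"unrecognised statement: {line!r}")
    rest = t[k + 1:]
    if rest[-1:] == ["self"]:
        return Stmt(t[0], rest[:-1], k == 2, "self")
    if "policy" in rest:
        i = rest.index("policy")
        return Stmt(t[0], rest[:i], k == 2, "policy", rest[i + 1])
    return Stmt(t[0], rest, k == 2)

def applies(s, verdicts, dest="transit", dest_policy=None):
    """verdicts: access list name -> "permit"/"deny" for one packet (caller-supplied).
    dest is "self" for traffic terminated by the unit (assumed labels)."""
    want = "deny" if s.reverse else "permit"   # reverse matches what the list denies
    hit = any(verdicts.get(n) == want for n in s.lists)
    if s.scope == "self":
        return hit and dest == "self"
    if s.scope == "policy":
        return hit and dest_policy == s.policy
    return hit

def matching(lines, verdicts, dest="transit", dest_policy=None):
    """Statements that apply to one packet; no evaluation order is implied."""
    return [ln for ln in lines if applies(parse(ln), verdicts, dest, dest_policy)]

# Constructed sample; access list and policy names are made up.
POLICY = [
    "allow list MGMT self",
    "allow reverse list BLOCKED policy Private",
    "discard list BLOCKED",
]

if __name__ == "__main__":
    print(matching(POLICY, {"BLOCKED": "deny"}, dest_policy="Private"))
```

When reviewing a policy, the statements to read first are the reverse forms, which admit whatever the named list denies, and the self forms, which reach services terminated on the unit such as Telnet and the Web GUI.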