HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

141

142

143

144

145

146

147

148

149

150

2-66

Managing TMS zl Firewalls

Configuring Firewalls

d. Use the To Zone drop-down list to select the destination zone of

packets that will be translated.

e. Use the Service drop-down list to select the service and port (default

port or corresponding named object) to allow translation of specific

services. Select Any Service to allow translation of all traffic from the

selected source to the selected destination.

f. Optionally, further describe the service:

– Select Enter Custom Protocol/Port from the right drop-down list.

– Select the service from the left Service drop-down list.

– To the right of the selected service, type the beginning and ending

port numbers. To enter a single port, type the port number in both

the beginning and ending fields.

g. To translate packets from one or more specific IP addresses, select

Enter IP, IP/mask, or IP-Range from the right drop-down list in the Source

field and type the IP address or range in the left Source field.

Use a hyphen to separate the beginning and ending IP addresses in a

range. Multiple non-sequential IP addresses are not allowed.

Use the IP/Mask field to specify an IP subnet (e.g., 1.1.1.0/24, 1.1.1.0/

255.255.255.0)

h. To translate packets to one or more specific IP addresses, select Enter

IP, IP/mask, or IP-Range from the right drop-down list in the Destination

field and type the IP address or range in the left Destination field.

Use a hyphen to separate the beginning and ending IP addresses in a

range. Multiple non-sequential IP addresses are not allowed.

Use the IP/Mask field to specify an IP subnet (e.g., 1.1.1.0/24, 1.1.1.0/

255.255.255.0).

i. To translate packets from a specific NAT IP address, select NAT IP

Address and type the IP address in this field.

To translate packets based on the VLAN used for the packet, select

use IP of Routed VLAN interface.

j. If you want to position the rule before or after existing rules, type the

position in the Insert Position field. Or, leave the Position field blank to

position at the end.

k. Click Next.

7. Ensure the Summary information is correct and, if desired, permanently

save the policy on the selected security device by checking the Save

Configuration check box and clicking Next.