HP VPN Firewall Appliances Access Control Configuration Guide
95
Configuring the interzone policy group
Interzone policy group configuration task list
Task Remarks
Creating the interzone policy group Required.
Enabling the interzone policy group Required.
Moving an ACL in the interzone policy group Optional.
Configuration prerequisites
Before configuring the interzone policy group, complete the following tasks:
• Create a VD (see System Management and Maintenance Configuration Guide).
• Configure IPv4 ACLs (see "Configuring ACLs").
Creating the interzone policy group
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VD system view.
switchto vd vd-name Required for a VD.
3. Create an interzone instance
and enter its view.
interzone source
source-zone-name destination
destination-zone-name
By default, no interzone instance
exists.
4. Reference an ACL to create an
interzone policy group.
rule acl acl-number
By default, no interzone policy
group exists.
Enabling the interzone policy group
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VD system view.
switchto vd vd-name Required for a VD.
3. Enter interzone instance view.
interzone source
source-zone-name destination
destination-zone-name
N/A
4. Enable the interzone policy
group.
rule acl enable
By default, the interzone policy
group is disabled.
Moving an ACL in the interzone policy group
The ACLs in an interzone policy are matched in the order that they are displayed in the output from the
display this command in interzone instance view. To flexibly adjust the match order of ACLs, you can
move an ACL in the interzone policy as needed.
To move an ACL referenced by the interzone policy:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A