HP VPN Firewall Appliances Access Control Configuration Guide

Item Descri

tion

Destination MAC Address

Select the Destination MAC Address box, and specify the destination MAC

address and wildcard.

Destination Wildcard

LSAP Type

Select the LSAP Type box, and specify the DSAP and SSAP fields in the LLC

encapsulation by configuring the following two items:

• LSAP Type—Specifies the encapsulation format.

• LSAP Wildcard—Specifies the LSAP mask.

LSAP Wildcard

Protocol Type

Select the Protocol Type box, and specify the link layer protocol by configuring

the following two items:

• Protocol Type—Specifies a protocol type in Ethernet_II and Ethernet_SNAP

frames.

• Protocol Wildcard—Specifies a protocol type mask.

Protocol Wildcard

Configuring ACL acceleration

Select Firewall > ACL from the navigation tree to enter the page shown in Figure 1. All existing ACLs will

be displayed in the right pane. You can enable or disable ACL acceleration for an ACL through the ACL

Acceleration column:

• A red light indicates that the ACL is not accelerated. Click the Start Accelerating link to enable ACL

acceleration.

• A green light indicates that the ACL is accelerated. Click the Stop Accelerating link to disable ACL

acceleration.

• A half-green half-red light indicates that the ACL has been modified after it was configured with ACL

acceleration. Click the Start Accelerating link to enable ACL acceleration again, making changes

to the ACL take effect.

ACL configuration example

Network requirements

As shown in Figure 9, Host A connects to Firewall through GigabitEthernet 0/1.

Configure an ACL to do the following:

• Allow Host A to access Firewall using HTTP.

• Allow hosts on other segments to access Firewall using HTTP on only working days.