HP VPN Firewall Appliances Access Control Configuration Guide
Figure 17 Network diagram
When the source zone is not any, the destination zone cannot be any either.
The source zone can be any, but configuring the source zone as any might make the device
unconfigurable. To avoid this problem, the system defines a rule that the Management zone does not
belong to the any zone.
Configuring the security zone in the Web interface
Recommended configuration procedure
Step | Remarks
1. Creating a security zone | Optional. By default, the default VD Root has the following security zones: Management, Local, Trust, DMZ, and Untrust, and no security zone exists on user-defined VDs.
2. Adding members to the security zone | Required. Add Layer 3 interfaces and Layer 2 interfaces with their VLANs to the security zone. The interfaces and VLANs must belong to the same VD as the security zone. For information about how to assign interfaces and VLANs to a VD, see System Management and Maintenance Configuration Guide.
Interfaces must be added to a security zone to operate correctly.
The security zone Local represents the device itself, and no interface can be added to the zone as a
member.
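The zone rules stated on this page can be checked against a planned layout before it is entered in the Web interface. The following is an added example, not code from the guide or from the device: the function names, the interface names, and the VD name "vd1" are hypothetical, and members are modeled as interface names only (VLANs for Layer 2 interfaces are left out).

```python
from dataclasses import dataclass, field

ANY = "any"

@dataclass
class Zone:
    name: str
    vd: str                                     # virtual device owning the zone
    members: set = field(default_factory=set)   # interface names

def check_zone_pair(src, dst):
    """Return an error string for a disallowed source/destination pair, else None."""
    if src != ANY and dst == ANY:
        return f"{src} -> any: destination cannot be any unless source is any"
    return None

def zones_matched_by_any(zones):
    """Zones covered by 'any': Management is excluded, per the rule above."""
    return {z.name for z in zones if z.name != "Management"}

def check_membership(zones, iface_vd):
    """iface_vd maps interface name -> VD the interface is assigned to."""
    problems, assigned = [], set()
    for z in zones:
        if z.name == "Local":
            if z.members:
                problems.append("Local: represents the device itself, takes no members")
            continue
        for i in sorted(z.members):
            if iface_vd.get(i) != z.vd:
                problems.append(f"{i}: in VD {iface_vd.get(i)}, zone {z.name} is in VD {z.vd}")
        assigned |= z.members
    for i in sorted(set(iface_vd) - assigned):
        problems.append(f"{i}: not in any security zone")
    return problems

# Constructed plan: default Root zones from the page; interface names and "vd1" are made up.
SAMPLE_ZONES = [
    Zone("Management", "Root", {"GE0/0"}), Zone("Local", "Root"),
    Zone("Trust", "Root", {"GE0/1"}), Zone("DMZ", "Root", {"GE0/2"}),
    Zone("Untrust", "Root", {"GE0/3"}),
]
SAMPLE_IFACE_VD = {"GE0/0": "Root", "GE0/1": "Root", "GE0/2": "vd1",
                   "GE0/3": "Root", "GE0/4": "Root"}

if __name__ == "__main__":
    for pair in [("Trust", ANY), (ANY, ANY), (ANY, "Untrust")]:
        print(pair, check_zone_pair(*pair) or "ok")
    print(sorted(zones_matched_by_any(SAMPLE_ZONES)))
    print(*check_membership(SAMPLE_ZONES, SAMPLE_IFACE_VD), sep="\n")
```

On the constructed plan, the check flags the DMZ member that sits in a different VD and the interface that was never placed in a zone.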