HP VPN Firewall Appliances Access Control Configuration Guide

Configuration considerations
Three security zones are needed, listed here in descending order of priority: one for the internal users,
one for the servers, and one for the external users. The default zones Trust, DMZ, and Untrust meet
these requirements.
To prepare the firewall for zone-based security policy deployment, configure the firewall as follows:
• Add the port connected to the internal network (GigabitEthernet 0/3) to security zone Trust.
• Add the port connected to the Internet (GigabitEthernet 0/2) to security zone Untrust.
• Deploy the servers in security zone DMZ, and add the port connected to the servers (GigabitEthernet 0/1) to security zone DMZ.
Configuration procedure
1. Add interface GigabitEthernet 0/3 to security zone Trust:
a. Select Device Management > Zone from the navigation tree to enter the security zone
management page.
b. Click the icon for security zone Trust.
c. Select interface GigabitEthernet0/3.
d. Click Apply.
e. Click Back to return to the security zone management page.