HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

Managing services ····················································································································································· 38

Service management configuration examples ············································································································ 40

HTTP configuration example ································································································································ 40

HTTPS configuration example ······································································································································· 43

Configuring address resources ································································································································· 49

Address resource overview ··········································································································································· 49

Configuring address resources in the Web interface ································································································ 49

Configuring IP address resources ························································································································ 49

Configuring an IP address group resource ········································································································· 53

Configuring a MAC address resource ················································································································ 55

Configuring a MAC address group resource····································································································· 56

Exporting and importing configuration ··············································································································· 57

Configuring address resources at the CLI ···················································································································· 58

Configuring an IP address object ························································································································ 59

Configuring an IP address group object ············································································································· 61

Configuring a MAC address object ···················································································································· 61

Configuring a MAC address group object ········································································································· 62

Displaying and maintaining objects ···················································································································· 62

Configuring service resources ··································································································································· 64

Overview ········································································································································································· 64

Configuring the service resources in the Web interface ···························································································· 64

Displaying default service resources ··················································································································· 64

Configuring a customized service resource········································································································ 65

Configuring a service group resource ················································································································ 67

Exporting and importing the configurations ······································································································· 68

Configuring the service resource at the CLI ················································································································· 69

Configuring a service object ································································································································ 69

Configuring a service group object ····················································································································· 70

Displaying and maintaining objects ···················································································································· 70

Configuring a time range resource ··························································································································· 71

Configuration guidelines ··············································································································································· 71

Configuring a time range resource in the Web interface ························································································· 71

Configuring a time range at the CLI ···························································································································· 72

Configuring an interzone policy ······························································································································· 74

Interzone policy rule ·············································································································································· 74

Interzone policy group ·········································································································································· 74

Configuring the interzone policy rules in the Web interface ···················································································· 75

Configuring an interzone policy rule ·················································································································· 75

Configuring an interzone policy group ·············································································································· 81

Exporting and importing configurations ············································································································· 83

Displaying packet statistics of an interzone policy ···························································································· 84

Interzone policy configuration example·············································································································· 84

Configuring the interzone policy rules at the CLI········································································································ 91

Interzone policy rule configuration task list ········································································································ 91

Configuring the interzone policy group ·············································································································· 95

Displaying and maintaining interzone policies ·································································································· 96

Interzone policy rule configuration example ······································································································ 96

Interzone policy group configuration example ·································································································· 99

Using a wizard to configure a firewall policy ·········································································································· 101

Configuration prerequisites ································································································································ 101