HP VPN Firewall Appliances Access Control Configuration Guide
62
Ste
p
Command
Remarks
4. Configure a description for
the object.
description
description-string
Optional.
By default, no description is configured for an
object.
5. Add a MAC address to the
object.
mac-address
mac-address
By default, a MAC address object has no
members.
A MAC address object can comprise multiple
MAC addresses. To add multiple MAC addresses,
execute this command multiple times.
Configuring a MAC address group object
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VD system view.
switchto vd vd-name
Required only when you are first logged in to the
system view of the default VD and want to
configure an object for a non-default VD.
3. Create a MAC address
group object and enter
MAC address group
object view.
object-group mac
object-group-name
By default, no MAC address group object is
configured.
If the object already exists, you enter its view.
4. Configure a description for
the object.
description
description-string
Optional.
By default, no description is configured for an
object.
5. Add a MAC address
object or another MAC
address group object to
the object.
mac-object
object-name
By default, a MAC address group object has no
MAC address object or MAC address group
object members.
The MAC address object or MAC address group
object member must already exist.
A MAC address group object can comprise
multiple MAC address object and MAC address
group object members. To add multiple members,
execute this command multiple times.
Displaying and maintaining objects
Task Command
Remarks
Display IP address objects.
display object network [ host | range | subnet ]
[ vd vd-name ]
Available in any view.
Display MAC address objects. display object mac [ vd vd-name ] Available in any view.
Display a specific object. display object name object-name [ vd vd-name ] Available in any view.
Display IP address group objects. display object-group network [ vd vd-name ] Available in any view.
Display MAC address group
objects.
display object-group mac [ vd vd-name ] Available in any view.