HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

Item Descri

tion

Source MAC Address

Set the source and destination MAC addresses.

•

Enter a new MAC address in the field. The new MAC address will be a MAC

address resource after you apply your configuration and the MAC address name

is the MAC address.

•

You can also select from the MAC address (group) resource list or click Multiple to

select more MAC addresses (groups). Available MAC address (group) resources

are configured on the page you enter by selecting Resource > Address. For more

information, see "Configuring address resources."

Destination MAC

Address

Enable Syslog

Select the box to enable logging for packets matching the rule.

You can view the interzone policy logs by selecting Log Report > Report > Interzone

Policy Log, or click the icon for an interzone policy rule in Figure 64 to view logs

for traffic that matches this interzone policy rule.

To log content filtering events, enable the logging function for the interzone policy and

the referenced content filtering policy.

Enable the rule Select the box to enable the rule.

Continue to add next

rule

Select the box to create another rule after finishing this one.

•

If you select this box, you will enter the interzone policy rule configuration page

after clicking Apply, with the source zone and destination zone selected for the

last rule.

•

If you do not select this box, you will see the list of interzone policy rule after

clicking Apply.

If you enter the rule configuration page by clicking the insert or replicate icon, you

cannot continue to insert or replicate new rules by selecting this box.

The following matrix shows the Using MAC Address box and hardware compatibility:

Hardware Com

atibilit

F1000-A-EI/F1000-S-EI Yes

F1000-E Yes

F5000 Yes

F5000-S/F5000-C Yes

VPN firewall modules Yes

20-Gbps VPN firewall modules No

Inserting an interzone policy rule

1. Select Firewall > Security Policy > Interzone Policy from the navigation tree to enter the interzone

policy rule list page.

2. Click the icon for a rule to enter the page for configuring an interzone policy rule.

The new rule takes the source zone and destination zone of the existing one as its default source

zone and destination zone. The newly created rule will be inserted before the existing rule for the

same zone pair.

3. Configure the rule as described in Table 21.

4. Click Apply.