Manualshelf

HP VPN Firewall Appliances Attack Protection Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
121122123124125126127128129130
124
Enable strict URPF check for zoneA on Device A and allow using the default route for URPF check.
Figure 106 Network diagram
Configuration procedure
1. Assign IP addresses for interfaces and add them into security zones. (Details not shown.)
2. Configure Device B:
# Define ACL 2010 to permit traffic from network 10.1.1.0/24 to pass.
<DeviceB> system-view
[DeviceB] acl number 2010
[DeviceB-acl-basic-2010] rule permit source 10.1.1.0 0.0.0.255
[DeviceB-acl-basic-2010] quit
# Enable strict URPF check for security zone zoneB.
[DeviceB] zone name zoneB
[DeviceB-zone-zoneB] ip urpf strict acl 2010
3. Configure Device A:
# Enable strict URPF check for security zone zoneA and allow use of the default route for URPF
check.
[DeviceA] zone name zoneA
[DeviceA-zone-zoneA] ip urpf strict allow-default-route