TMS zl Management and Configuration Guide ST.1.1.100430

A-103
Command-Line Reference
Global Configuration Context
Note: If you cannot ping a device, check that you have configured an access policy
to allow ICMP/Echo traffic from the Self zone to the zone you are trying to ping.
port-map
This command allows you to configure port maps so that your firewall and
IPS/IDS know which type of traffic is expected on which ports.
To configure (or delete) a port map, enter the following command:
Syntax: [no] port-map <service> < tcp | udp > <port>
Use the no form of the command to delete a port map.
Replace <service> with the name of the service for which you are creating
the map.
Replace <port> with the port on which the firewall and IDS/IPS will expect the
service.
Available services are listed in Table A-29.
Table A-29. Services Available
FTP      HTTP     IMAP     NNTP
POP3     RSTP     SMTP     TCPDNS
TCPRPC   TCPSIP   TELNET   UDPDNS
UDPRPC   UDPSIP
For example, to add a port map for HTTP over TCP through port 9000, enter
the following command:
ProCurve(tms-module-<slot ID>)# port-map http tcp 9000
port-trigger
Use this command to create policies that enable the module’s firewall to
monitor dynamically negotiated ports.
To create a port trigger policy, type the following command:
Syntax: port-trigger <policy name> <target address> <protocol> < inbound | outbound > < tcp | udp > < port | range <start port> <end port> > [enable | disable | allow-any-inbound]
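Added example (not part of this guide): a Python lint for port-map commands, checking each line against the port-map Syntax line and the Table A-29 service names above before it is entered on the module. The 1-65535 port range, the TCP*/UDP* name-to-transport check, the function names, and all sample lines except the first are assumptions.

```python
import re

# Service names copied from Table A-29 on this page.
SERVICES = {"FTP", "HTTP", "IMAP", "NNTP", "POP3", "RSTP", "SMTP", "TCPDNS",
            "TCPRPC", "TCPSIP", "TELNET", "UDPDNS", "UDPRPC", "UDPSIP"}
# [no] port-map <service> <tcp|udp> <port>, with an optional "...#" CLI prompt.
COMMAND = re.compile(r"^(?:.*#\s*)?(no\s+)?port-map\s+(\S+)\s+(\S+)\s+(\S+)$", re.I)

def check_port_map(line):
    """Parse one port-map command; return (parsed dict or None, list of problems)."""
    m = COMMAND.match(line.strip())
    if not m:
        return None, ["expected: [no] port-map <service> <tcp|udp> <port>"]
    delete, service, transport, port = m.groups()
    service, transport = service.upper(), transport.lower()
    problems = []
    if service not in SERVICES:
        problems.append(f"service {service} is not in Table A-29")
    if transport not in ("tcp", "udp"):
        problems.append(f"transport {transport} must be tcp or udp")
    # Assumption: valid ports are 1-65535 (the guide page states no limits).
    valid_port = bool(re.fullmatch(r"[0-9]{1,5}", port)) and 1 <= int(port) <= 65535
    if not valid_port:
        problems.append(f"port {port} is not in 1-65535")
    # Assumption (lint heuristic, not documented device behaviour): a service
    # whose name starts with TCP or UDP is expected on that transport.
    implied = service[:3].lower()
    if service in SERVICES and {implied, transport} == {"tcp", "udp"}:
        problems.append(f"{service} mapped on {transport}; name implies {implied}")
    parsed = {"delete": bool(delete), "service": service,
              "transport": transport, "port": int(port) if valid_port else None}
    return parsed, problems

def audit(lines):
    """Return (line number, problems) for every line that fails a check."""
    checked = ((n, check_port_map(text)[1]) for n, text in enumerate(lines, 1))
    return [(n, problems) for n, problems in checked if problems]

# Constructed sample; only the first command appears in the guide.
SAMPLE = ["ProCurve(tms-module-<slot ID>)# port-map http tcp 9000",
          "no port-map ftp tcp 2121", "port-map https tcp 8443",
          "port-map udpdns tcp 5353", "port-map smtp tcp 70000"]
for number, problems in audit(SAMPLE):
    print(f"line {number}: {'; '.join(problems)}")
```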