TMS zl Management and Configuration Guide ST.1.2.100916
Initial Setup in Routing Mode
Deploying the TMS zl Module
Management-Access Zones
You can enable management access on one zone, all zones, or no zones. Once
you specify a zone as a management-access zone, the TMS zl Module
automatically creates unicast access policies to permit management services
between the selected zone and Self.
Table 2-1. Services Permitted from a Management-Access Zone to Self

ICMP/echo    snmp
bootpc       snmptrap
bootps       ssh
https

Table 2-2. Services Permitted from Self to a Management-Access Zone

bootpc     ftp          radius         snmptrap
bootps     http         radius-acct    ssh
dns-tcp    https        smtp           syslog
dns-udp    ICMP/echo    snmp           tftp

For example, you have designed zones such that your management VLAN is
in Zone1. You enable management on Zone1, and the policies in Table 2-1 are
automatically created for Zone1-to-Self. The policies in Table 2-2 are created
for Self-to-Zone1.

The default access policies permit traffic to or from any device in the entire
management-access zone. After you define a management-access zone, you
can alter these policies to limit management access to certain IP addresses.

Also note that, instead of enabling management access for a zone, you can
create access policies to allow certain types of management traffic from a
zone to Self. For example, you could specify Zone1 as a management-access
zone and manually configure an access policy to permit HTTPS traffic from
the Internal zone to Self. In this case, you could access the module’s Web
browser interface from the Internal zone even though it is not a
management-access zone.
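The following Python model is an added example, not part of the guide and not TMS zl configuration syntax. It shows how the automatically created policies expose management services to every address in the zone until they are narrowed. The record layout, function names and IP addresses are assumptions constructed for illustration; the service names come from Tables 2-1 and 2-2.

```python
import ipaddress

# Service names copied from Tables 2-1 and 2-2 on this page.
ZONE_TO_SELF = ["ICMP/echo", "bootpc", "bootps", "https", "snmp", "snmptrap", "ssh"]
SELF_TO_ZONE = ["bootpc", "bootps", "dns-tcp", "dns-udp", "ftp", "http", "https",
                "ICMP/echo", "radius", "radius-acct", "smtp", "snmp", "snmptrap",
                "ssh", "syslog", "tftp"]
ANY = "0.0.0.0/0"

def policy(src, dst, service, net=ANY):
    # Hypothetical record layout; `net` is the address range in the non-Self zone.
    return {"src": src, "dst": dst, "service": service, "net": ipaddress.ip_network(net)}

def default_policies(zone):
    """Policies created automatically when `zone` becomes a management-access zone."""
    return ([policy(zone, "Self", s) for s in ZONE_TO_SELF] +
            [policy("Self", zone, s) for s in SELF_TO_ZONE])

def restrict_to(policies, zone, net):
    """Narrow every zone-to-Self policy for `zone` to the address range `net`."""
    return [policy(p["src"], p["dst"], p["service"], net)
            if (p["src"], p["dst"]) == (zone, "Self") else p for p in policies]

def permitted(policies, zone, ip, service):
    """Is `service` from host `ip` in `zone` to Self allowed by any policy?"""
    addr = ipaddress.ip_address(ip)
    return any((p["src"], p["dst"], p["service"]) == (zone, "Self", service)
               and addr in p["net"] for p in policies)

def open_to_any(policies):
    """Audit helper: (zone, service) pairs reachable on Self from any address."""
    return sorted((p["src"], p["service"]) for p in policies
                  if p["dst"] == "Self" and p["net"].prefixlen == 0)

# Constructed scenario: management VLAN in Zone1, admin hosts in 10.1.1.0/28.
defaults = default_policies("Zone1")
hardened = restrict_to(defaults, "Zone1", "10.1.1.0/28")
# Manual policy from the text: HTTPS from the Internal zone, here one admin host.
hardened.append(policy("Internal", "Self", "https", "10.2.0.10/32"))

if __name__ == "__main__":
    print("open by default:", open_to_any(defaults))
    print("open after restriction:", open_to_any(hardened))
    for zone, ip, svc in [("Zone1", "10.1.1.77", "ssh"), ("Zone1", "10.1.1.5", "ssh"),
                          ("Internal", "10.2.0.10", "https"), ("Internal", "10.2.0.10", "ssh")]:
        print(zone, ip, svc, permitted(defaults, zone, ip, svc),
              permitted(hardened, zone, ip, svc))
```
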