WESM xl Management and Configuration Guide WS.02.XX and greater
Access Control Lists (ACLs)
Overview
You can configure access control lists (ACLs) on the ProCurve Wireless Edge
Services xl Module to control traffic to and from wireless stations. An ACL is
an ordered list of rules that select packets according to header information
and dictate whether the module should permit (forward) or deny (drop) those
packets.
ACLs allow you to control wireless users’ network rights. You can configure
ACLs for purposes such as:
■ limiting certain groups of wireless users to Internet access only
■ permitting certain groups of wireless users access to a limited list of
network servers
■ limiting certain groups of wireless users to certain types of applications
■ restricting access to a particular private server to a select group of
users only
You can also use ACLs to select traffic for Network Address Translation (NAT).
See Chapter 8: Configuring Network Address Translation (NAT) to learn
how to configure this feature of the Wireless Edge Services xl Module’s
firewall.
Stateful ACLs
The Wireless Edge Services xl Module’s ACLs are stateful. In other words, the
module tracks traffic associated with a particular session. Once it has permitted
one packet in a session, it permits all packets necessary for that session.
For example, if you create a rule to permit traffic from wireless stations to an
HTTP server, you do not need to create a rule to permit the HTTP server’s
return traffic.