WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

551

552

553

554

555

556

557

558

559

560

7-23

Access Control Lists (ACLs)

Configuring ACLs

3. In the Precedence field, specify the precedence for the rule, from 1

through 5,000. The Wireless Edge Services zl Module processes rules in ascend-

ing order (starting at 1, moving to 2, and so on).

As you assign precedence values to rules for a given ACL, consider using

nonconsecutive numbers (for example, 10, 20, 30, and so on) in case you need

to insert new rules in between existing rules later.

4. In the Operation field, use the drop-down menu to select the operation (deny,

permit, or mark) for the rule.

5. If you selected the mark operation in step 4, under Attribute to mark, select one

of the following:

• 802.1p—Then specify the traffic service class value, from 0 through 7.

• TOS—Then specify the value for the TOS octet, from 0 through 255.

Standard DSCP values are from 0 through 63.

Remember that higher values typically mark traffic for better QoS.

6. In the Source Wildcard field, type one of the following:

•

any—The rule will apply to traffic sent from any device. (This allows you

to filter traffic based on fields other than the source MAC address.)

•

host—The rule will apply to traffic from a specific device only. Enter this

device’s MAC address in the Source Address field.

• MAC address mask—The rule will apply to a range of MAC addresses.

Enter the mask in standard six-octet MAC address format

(XX-XX-XX-XX-XX-XX, in which you replace “Xs” with “Fs” to match

octets and “0s” to ignore the bit).

Then enter a MAC address in the Source Address field.

For example, you enter a MAC address mask of FF-FF-FF-00-00-00 and an

address of 00:C0:49:00:00:00. The rule matches source MAC addresses to

the first three octets and ignores the next three octets.

7. In the Destination Wildcard and Destination Address fields, specify the desti-

nation MAC address or addresses. Use the same rules discussed in the previous

step.

8. If you plan to apply this rule to the downlink port, you can optionally specify

the WLAN. In the Wlan Index field, specify the index number (from 1

through 256) of the WLAN from which traffic must arrive.

If you do not specify a WLAN index, the rule will apply to any traffic that

matches other filters.