10-111
IPv4 Access Control Lists (ACLs)
Creating or Editing ACLs Offline
Figure 10-42. Example of Verifying the .txt File Download to the Switch
5.
If the configuration appears satisfactory, save it to the startup-config file:
HP Switch(config)# write memory
HP Switch(config)# show run
. . .
ip access-list extended "LIST-20-IN"
10 remark "THIS ACE APPLIES INBOUND ON VLAN 20"
10 permit tcp 0.0.0.0 255.255.255.255 10.10.20.98 0.0.0.0 eq 80
20 permit tcp 0.0.0.0 255.255.255.255 10.10.20.21 0.0.0.0 eq 80
30 deny tcp 0.0.0.0 255.255.255.255 10.10.20.1 0.0.0.255 eq 80
40 deny tcp 10.10.20.17 0.0.0.0 10.10.10.100 0.0.0.0 eq 23 log
50 deny tcp 10.10.20.23 0.0.0.0 10.10.10.100 0.0.0.0 eq 23 log
60 deny tcp 10.10.20.40 0.0.0.0 10.10.10.100 0.0.0.0 eq 23 log
70 permit ip 10.10.20.1 0.0.0.255 10.10.10.100 0.0.0.0
80 remark "VLAN 30 POLICY."
80 deny ip 10.10.30.1 0.0.0.255 10.10.10.100 0.0.0.0
90 permit ip 10.10.30.1 0.0.0.255 10.10.10.1 0.0.0.255
exit
. . .
vlan 20
name "VLAN20"
no ip address
ip access-group "LIST-20-in" in
exit
Note that the comments preceded
by “ ; “ in the .txt source file for this
configuration do not appear in the
ACL configured in the switch.
As a part of the instruction set included
in the .txt file, the ACL is assigned to
inbound IPv4 traffic on VLAN 20.
Summary of Contents for E3800 Series
Page 2: ......
Page 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Page 30: ...xxviii ...
Page 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Page 186: ...4 72 Web and MAC Authentication Client Status ...
Page 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Page 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Page 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Page 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Page 730: ...20 Index ...
Page 731: ......