The items on the IPsec/Firewall policy pages are described below.
Table 5-1
IPsec/Firewall Policy page
Item
Description
Enable IPsec/Firewall
or
Enable Firewall
Enter a check mark in the checkbox to enable your IPsec/Firewall policy. Clear this
checkbox to disable IPsec/Firewall operation.
IPsec/Firewall Rules
An IPsec/Firewall policy consists of rules for processing IP packets. Up to ten rules may
be configured. Rules are in descending order of precedence (for example, Rule 1 is
higher in precedence than Rule 2).
Each rule is defined by the following fields:
●
An
Enable
checkbox indicates whether a configured rule is enabled or disabled
for the policy.
●
Address Template
: Identifies the IP addresses for which the rule applies. You
may select among several predefined templates, or specify a custom template.
Click on a template entry to view or modify the template configuration.
●
Services Template
: Identifies the services for which the rule applies. You may
select among several predefined templates, or specify a custom template. Click
on a template entry to view or modify the template configuration.
CAUTION:
If the
All Services
template for a rule is not specified, a
security risk may exist. Future networking applications that are deployed
after the IPsec Policy is in place may not be IPsec-protected unless the
All Services
template is used.
For example, installing a third-party Chai service plug-in, or upgrading
firmware for the printer or print server, may result in a new service that is
not covered by the IPsec policy, Policies should be revisited whenever
firmware is updated or a new Chai applet is installed.
●
Action on Match
: Identifies how to process the IP traffic that contains the
addresses and services specified.
For Firewall operation, the traffic will be allowed or dropped, depending on the
action specified by the rule.
For IPsec operation, the traffic may be allowed without IPsec protection, dropped,
or IPsec-protected using an IPsec template specified for the rule. Click on a
template entry to view or modify the template configuration.
Default Rule
When a Firewall or IPsec policy is enabled and rules are configured, a default rule
specifies whether to process IP packets that do not match the configured rules.
Select
Drop
(default) to discard traffic that is not covered by the configured rules.
Select
Allow
to allow traffic that is not covered by the configured rules. However,
allowing IP packets that do not match the configured rules is not secure.
For an example, see
Default Rule Example on page 100
.
ENWW
99
Содержание 635n - JetDirect IPv6/IPsec Print Server
Страница 2: ......
Страница 3: ...HP Jetdirect Print Servers Administrator s Guide Firmware V 36 ...
Страница 10: ...viii ENWW ...
Страница 18: ...8 Chapter 1 Introducing the HP Jetdirect Print Server ENWW ...
Страница 26: ...16 Chapter 2 HP Software Solutions Summary ENWW ...
Страница 106: ...96 Chapter 4 Embedded Web Server V 36 xx ENWW ...
Страница 108: ...Figure 5 1 Firewall Policy page Figure 5 2 IPsec Policy page 98 Chapter 5 IPsec Firewall Configuration V 36 xx ENWW ...
Страница 136: ...126 Chapter 7 Troubleshooting the HP Jetdirect Print Server ENWW ...
Страница 162: ...152 Chapter 8 HP Jetdirect Configuration Pages ENWW ...
Страница 174: ...164 Appendix A LPD Printing ENWW ...
Страница 194: ...184 Appendix D Open Source Licensing Statements ENWW ...
Страница 200: ...190 Index ENWW ...
Страница 201: ......
Страница 202: ... 2007 Hewlett Packard Development Company L P www hp com ...