SROS Command Line Interface Reference Guide
Demand Interface Configuration Command Set
5991-2114
© Copyright 2007 Hewlett-Packard Development Company, L.P.
819
access-policy
<policyname>
Use the
access-policy
command to assign a specified access policy for the inbound traffic to an interface.
Use the
no
form of this command to remove an access policy association.
Syntax Description
<policyname>
Identifies the configured access policy by alphanumeric descriptor. (All access
policies are case-sensitive.)
Default Values
By default, there are no configured access policies associated with an interface.
Functional Notes
To assign an access policy to an interface, enter the interface configuration mode for the desired interface
and enter
access policy
<policy name>
. For more details on creating and using access policies, refer to
Usage Examples
The following example associates the access policy
UnTrusted
(to allow inbound traffic to the Web server)
to the demand interface:
Enable the SROS security features:
ProCurve(config)#
ip firewall
Create the access list (this is the packet selector):
ProCurve(config)#
ip access-list extended InWeb
ProCurve(config-ext-nacl)#
permit tcp any host 10.12.5.253 eq 80
Create the access policy that contains the access list
InWeb
:
ProCurve(config)#
ip policy-class UnTrusted
ProCurve(config-policy-class)#
allow list InWeb
Associate the access list with the demand interface (labeled 1):
ProCurve(config)#
interface demand 1
ProCurve(config-demand 1)#
access-policy UnTrusted
Note
Configured access policies will only be active if the
ip firewall
command has been entered
at the Global Configuration mode prompt to enable the SROS security features. All
configuration parameters are valid, but no security data processing will be attempted
unless the security features are enabled.
Содержание ProCurve Secure 7102dl
Страница 2: ......
Страница 3: ...SROS Command Line Interface Reference Guide Software Version J 08 03 September 2007 61195880L1 35H ...
Страница 1454: ......