HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 367
Example of Configuring a Standard ACL To Permit Only Traffic from Specific IP Addresses
IPv4 Access Control Lists (ACLs)
Configuring and Assigning an ACL

Example of a Standard ACL. Suppose you wanted to configure a standard ACL and assign it to filter inbound traffic on port 10 in a particular switch:

■ The ID you selected for this ACL is "50".
■ You want the ACL to deny IP traffic from all hosts except these three:
  • 10.128.100.10
  • 10.128.100.27
  • 10.128.100.14

    ProCurve(config)# access-list 50 permit host 10.128.100.10
    ProCurve(config)# access-list 50 permit host 10.128.100.27
    ProCurve(config)# access-list 50 permit host 10.128.80.14
    ProCurve(config)# interface 10 ip access-group 50 in
    ProCurve(config)# write mem
    ProCurve(config)# show config

    Startup configuration:

    ; J9085A Configuration Editor; Created on release #A.14.03

    hostname "ProCurve Switch"
    snmp-server contact "Allen Smith"
    snmp-server location "Building P"
    ip access-list standard "50"
       permit 10.128.100.10 0.0.0.0
       permit 10.128.100.27 0.0.0.0
       permit 10.128.80.14 0.0.0.0
       exit
    interface 10
       access-group "50" in
       exit
    ip default-gateway 15.255.152.1
    snmp-server community "public" Unrestricted
    vlan 1
       name "DEFAULT_VLAN"
       untagged 1-28
       ip address dhcp-bootp
       exit

    ProCurve(config)# show access-list resources

    Policy Engine Resource Usage

             |   Rules   | Rules | Group
     Group   | Allocated | Used  | Number
     --------+-----------+-------+-------
     QoS     |     0     |   0   |   1
     CLI-ACL |     4     |   4   |   2
     IDM-ACL |    128    |  128  |   3
     Free    |    124    |       |

Figure 9-13. Example of Configuring a Standard ACL To Permit Only Traffic from Specific IP Addresses

Callouts in the figure:

• Permits IP traffic from the indicated IP address. Since, for this example, ACL 50 is a new list, this command also creates the ACL.
• Permits IP traffic from the indicated IP address.
• The deny any that the switch implicitly includes in all standard ACLs denies IP packets from IP sources not included in the above three commands.
• Show config lists any ACLs and ACL assignments configured in the startup-config.
• ACL "50" is listed as assigned to filter inbound traffic on port 10.
• show access-list resources shows the rule and resource usage.
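The following Python example is added here and is not part of the HP guide. It parses the ACL section of the startup-config listing as printed above, applies first-match evaluation with the implicit deny any, and checks the result against the three intended hosts from the bullet list; the function names and the audit logic are assumptions made for illustration.

```python
import ipaddress
import re

# Added example (not HP code). ACL section of the startup config in Figure 9-13.
STARTUP_CONFIG = '''\
ip access-list standard "50"
   permit 10.128.100.10 0.0.0.0
   permit 10.128.100.27 0.0.0.0
   permit 10.128.80.14 0.0.0.0
   exit
interface 10
   access-group "50" in
   exit
'''
# Hosts the example's bullet list says must be the only permitted sources.
INTENDED_HOSTS = ["10.128.100.10", "10.128.100.27", "10.128.100.14"]
ACE_RE = re.compile(r"^\s*(permit|deny)\s+(\S+)\s+(\S+)\s*$")

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def parse_standard_acl(config, acl_id):
    """Return [(action, address, wildcard)] as ints for one standard ACL."""
    aces, inside = [], False
    for line in config.splitlines():
        if line.strip() == f'ip access-list standard "{acl_id}"':
            inside = True
        elif inside and line.strip() == "exit":
            break
        elif inside and (m := ACE_RE.match(line)):
            aces.append((m[1], to_int(m[2]), to_int(m[3])))
    return aces

def evaluate(aces, source_ip):
    """First matching entry wins; no match falls to the implicit deny any."""
    src = to_int(source_ip)
    for action, addr, wild in aces:
        care = ~wild & 0xFFFFFFFF  # wildcard 0-bits are the bits that must match
        if (src & care) == (addr & care):
            return action
    return "deny"

def audit(aces, intended_hosts):
    """Return (intended hosts not permitted, permit entries outside the list)."""
    wanted = {to_int(h) for h in intended_hosts}
    missing = [h for h in intended_hosts if evaluate(aces, h) != "permit"]
    extra = [str(ipaddress.IPv4Address(a)) for act, a, w in aces
             if act == "permit" and (w != 0 or a not in wanted)]
    return missing, extra
```

With the values as printed on this page, audit(parse_standard_acl(STARTUP_CONFIG, "50"), INTENDED_HOSTS) reports 10.128.100.14 as not permitted and 10.128.80.14 as a permit entry outside the intended list, because the third command and its config entry use 10.128.80.14.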