HP ProCurve 5300xl Series Management Manual page 381
Advanced traffic
Hide thumbs
Also See for ProCurve 5300xl Series:
- Access security manual (292 pages) ,
- Specification sheet (12 pages) ,
- Management and configuration manual (508 pages)
Table of Contents
Advertisement
The mask is applied to the IP address in the ACL to define
which bits in a packet's source IP address must exactly
match the IP address configured in the ACL and which
bits need not match. Note that specifying a group of
contiguous IP addresses may require more than one
ACE. For more on how masks operate in ACLs, refer to
"How an ACE Uses a Mask To Screen Packets for Matches"
on page 9-20.
[ log]
Optionally generates an ACL log message if:
•
•
• ACL logging is enabled on the switch. (Refer to
(Use the debug command to direct ACL logging output to
the current console session and/or to a Syslog server. Note
that you must also use the logging < ip-addr > command to
specify the IP addresses of Syslog servers to which you want
log messages sent. See also "Enable ACL "Deny" Logging"
on page 9-59.)
Syntax: vlan < vid > ip access-group < ASCII-STR > < in | out >
Assigns an ACL, designated by an ACL ID (<
to a VLAN.
Example of a Standard ACL. Suppose you wanted to configure a standard
ACL and assign it to filter inbound traffic on VLAN 10 in a particular switch:
The ID you selected for this ACL is "50".
■
You want the ACL to deny IP traffic from all hosts except these three:
■
•
18.128.100.10
•
18.128.100.27
•
18.128.100.14
Access Control Lists (ACLs) for the Series 5300xl Switches
The action is deny.
There is a match.
"Enable ACL "Deny" Logging" on page 9-59.)
Configuring and Assigning an ACL
ASCII-STR
>),
9-35
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
