HP PROCURVE W.14.03 Manual do Utilizador Página 335
- Página / 594
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
IPv4 Access Control Lists (ACLs)
Configuring Standard ACLs
Configuring ACEs in an Named, Standard ACL. Configuring ACEs is
done after using the ip access-list standard < name-str > command described
above to enter the “Named ACL” (nacl) context of an access list. For a
standard ACL syntax summary, refer to table 9-6 on page 9-44.
Syntax: < deny | permit >
< any | host < SA > | SA <mask | SA/ mask-length >> [log]
Executing this command appends the ACE to the end of the list
of ACEs in the current ACL. In the default ACL configuration,
ACEs are automatically assigned consecutive sequence num-
bers in increments of 10 and can be renumbered using
resequence (page 9-80).
Note: To insert a new ACE between two existing ACEs, precede
deny or permit with an appropriate sequence number. (Refer to
“Inserting an ACE in an Existing ACL” on page 9-77.)
< deny | permit >
For named ACLs, used in the “Named ACL” (nacl) context to
configure an ACE. Specifies whether the ACE denies or permits
a packet matching the criteria in the ACE, as described below.
< any | host < SA > | SA < mask > | SA/mask-length >
Defines the source IPv4 address (SA) a packet must carry for
a match with the ACE.
• any — Allows IPv4 packets from any SA.
• host < SA > — Specifies only packets having < SA > as the
source. Use this criterion when you want to match the IPv4
packets from a single source address.
• SA < mask > or SA /mask-length — Specifies packets received
from either a subnet or a group of IPv4 addresses. The mask
format can be in either dotted-decimal format or CIDR
format (number of significant bits). (Refer to “Using CIDR
Notation To Enter the IPv4 ACL Mask” on page 9-43).
Mask Application: The mask is applied to the IPv4 address
in the ACE to define which bits in a packet’s SA must exactly
match the SA configured in the ACE and which bits need not
match. For example: 10.10.10.1/24 and 10.10.10.1 0.0.0.255 both
define any address in the range of 10.10.10.(1 - 255).
Note: Specifying a group of contiguous addresses may
require more than one ACE. For more on how masks operate,
refer to “How an ACE Uses a Mask To Screen Packets for
Matches” on page 9-28.
9-47
- ProCurve Switches 1
- HP ProCurve 2910al Switch 3
- Hewlett-Packard Company 4
- 4 TACACS+ Authentication 8
- Configuring Port-Based and 16
- 15 Key Management System 20
- Product Documentation 21
- Software Feature Index 22
- Intelligent Edge Software 23
- Features 23
- Security Overview 27
- Introduction 28
- Access Security Features 29
- Network Security Features 33
- Physical Security 36
- Enter] 38
- SNMP Security Guidelines 42
- Network Immunity Manager 45
- Menu: Setting Passwords 54
- Security tab 57
- [Device Passwords] 57
- [Apply Changes] 57
- Config File 58
- Credentials 59
- ■ TACACS+ encryption keys 60
- SNMP Security Credentials 62
- Restrictions 69
- Front-Panel Security 71
- Front-Panel Button Functions 72
- Reset Button 73
- Password Recovery 80
- [Y] (for “Yes”) 81
- Password Recovery Process 82
- MAC Authentication 87
- Operate 89
- Web-based Authentication 90
- MAC-based Authentication 92
- Operating Rules and Notes 95
- Setup Procedure for Web/MAC 97
- RADIUS Server 100
- Web and MAC Authentication 101
- Overview 102
- Client Status 126
- TACACS+ Authentication 127
- Terminology Used in TACACS 129
- Applications: 129
- General System Requirements 131
- Before You Begin 134
- Configuration 135
- Server Contact Configuration 136
- Authentication Parameters 139
- Caution Regarding 142
- Login Primary 142
- [key < key-string >] 144
- First-Choice TACACS+ Server 147
- How Authentication Operates 150
- Local Authentication Process 151
- Using the Encryption Key 152
- Access When Using TACACS+ 153
- Authentication 153
- Messages Related to TACACS+ 154
- Operation 154
- Operating Notes 155
- Contents 157
- Accounting Services 160
- Configuration MIB 160
- Terminology 161
- You Want RADIUS To Protect 166
- Security Notes 177
- (hpSwitchAuth) is disabled 179
- Commands Authorization 182
- Enabling Authorization 183
- Additional RADIUS Attributes 190
- ■ IP address: 10.33.18.151 195
- ■ Stop-Only: 197
- Viewing RADIUS Statistics 199
- Note: The Webui 201
- RADIUS Accounting Statistics 202
- Limiting 210
- Configuring and Using 215
- Static ACLs 219
- ACL to a Switch Port 220
- The Packet-filtering Process 222
- Nas-Filter-Rule-Options 224
- FreeRADIUS Application 227
- RADIUS-Assigned ACL 229
- Configuration Notes 230
- Event Log Messages 235
- After Authenticating 236
- Monitoring Shared Resources 236
- Prerequisite for Using SSH 240
- Public Key Formats 240
- Host Public 247
- Key for the 247
- Configuring Key Lengths 248
- Bit Size 249
- Exponent <e> 249
- Modulus <n> 249
- Client Contact Behavior 251
- ■ Execute no ip ssh 252
- Enable SSH 254
- Public-Key Authentication 259
- Bit Size Exponent <e> 261
- Comment 261
- Key Index Number 263
- Logging Messages 266
- Debug Logging 266
- Prerequisite for Using SSL 271
- Security Tab 274
- Password Button 274
- Generate New Key 277
- Enter certificate Arguments 277
- Generate New Certificate 277
- [SSL] button 280
- Web browser interface 281
- Browser Contact Behavior 283
- Enable SLL 286
- Common Errors in SSL setup 287
- ACLs on the Switch 294
- Routing 307
- IPv4 Static ACL Operation 308
- Planning an ACL Application 312
- Security 313
- Matches 316
- Access Control Entry (ACE) 317
- ACL Configuration Structure 323
- Standard ACL Structure 324
- ■ A permit/deny statement 325
- ACL Configuration Factors 327
- General ACE Rules 330
- Configuring Standard ACLs 332
- 9-11 on page 9-48 340
- Configuring Extended ACLs 341
- [Shift] [?] key combination 350
- On an Interface 361
- Deleting an ACL 362
- Editing an Existing ACL 363
- Sequence Numbering in ACLs 364
- Attaching a Remark to an ACE 369
- Operating Notes for Remarks 372
- Display an ACL Summary 374
- Indicates whether the ACL 377
- The Offline Process 382
- Enable ACL “Deny” Logging 384
- ACL Logging Operation 385
- General ACL Operating Notes 387
- DHCP Snooping 391
- Enabling DHCP Snooping 392
- The DHCP Binding Database 399
- Enabling Debug Logging 400
- Operational Notes 400
- Log Messages 401
- Dynamic ARP Protection 403
- Configuring Trusted Ports 405
- Packets 408
- Examples 414
- Filter Types and Operation 419
- Source-Port Filters 420
- Example 421
- Named Source-Port Filters 422
- [ index ] 425
- Static Multicast Filters 431
- Protocol Filters 432
- * ), indicating that the 435
- Editing a Source-Port Filter 436
- Filter Indexing 438
- User Authentication Methods 444
- as defined in the 447
- 802.1X standard 447
- VLAN Membership Priority 450
- Access Control 455
- Authenticators 459
- Port-Based Authentication 461
- Wake-on-LAN Traffic 469
- 802.1X Open VLAN Mode 471
- VLAN Membership Priorities 472
- Unauthorized-Client VLANs 478
- Configure Port-Security 487
- Devices 487
- Port-Security 488
- Other Switches 489
- Statistics, and Counters 493
- ■ The switch reboots 506
- VLAN Assignment on a Port 508
- Based Authentication Session 510
- After the 802.1X session 513
- Port Security 520
- Eavesdrop Protection 521
- Trunk Group Exclusion 522
- Planning Port Security 523
- Configuring Port Security 528
- MAC Lockdown 538
- MAC Lockdown Operating Notes 541
- Deploying MAC Lockdown 542
- MAC Lockout 546
- < = 1024 16 16 547
- 1025-2048 8 8 547
- Security Features 549
- Alert Flags 549
- Note on 551
- Send-Disable 551
- Resetting Alert Flags 552
- Yes” for the port on which 553
- Using Authorized IP Managers 559
- Options 561
- Access Levels 561
- Stations 561
- Managers 563
- Web-Based Help 567
- Building IP Masks 568
- Key Management System 573
- Numerics 581
- 2 – Index 582
- Index – 3 583
- 4 – Index 584
- Index – 5 585
- 6 – Index 586
- Index – 7 587
- 8 – Index 588
- Index – 9 589
- 10 – Index 590
- Index – 11 591
- 12 – Index 592
- Development Company, L.P 594
- February 2009 594
- Manual Part Number 594
- 5992-5439 594
Manuais e produtos relacionados com Software HP PROCURVE W.14.03
Software HP T8671-91017 Manual do Utilizador
(54 páginas)
(54 páginas)
Software HP MT40 Guia do Utilizador
(74 páginas)
(74 páginas)
Software HP 4100GL Manual do Utilizador
(228 páginas)
(228 páginas)
Software HP rx3000 Series Manual do Utilizador
(301 páginas)
(301 páginas)
Software HP 39g+ Graphing Calculator Guia do Utilizador
(294 páginas)
(294 páginas)
Software HP 39g Graphing Calculator Guia do Utilizador
(288 páginas)
(288 páginas)
Software HP Vectra VE5 2 Guia do Utilizador
(102 páginas)
(102 páginas)
Software HP Photo Pro Guia do Utilizador
(16 páginas)
(16 páginas)
Software HP 5300 Informações Técnicas
(442 páginas)
(442 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.113 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais