HP 3500yl Series Access Security Manual page 543
Switch software
Hide thumbs
Also See for 3500yl Series:
- Release notes (219 pages) ,
- Specifications (16 pages) ,
- Features (6 pages)
Table of Contents
Advertisement
HP Switch# show statistics aclv6 IP-01 port b2
Hit Counts for ACL IPV6-ACL
Total
(
1)
10 permit icmp fe80::20:3/128 fe80::20:2/128 128
(
5)
20 deny tcp ::/0 fe80::20:2/128 eq 23 log
(
4)
30 permit ipv6 ::/0 ::/0
HP Switch#
Figure 10-53. Resulting ACE Hits on ACL "V6-01"
FE80::20:2
Figure 10-51. Application to Filter Traffic Inbound on Port B2
Using the topology in figure 10-51, a workstation at FE80::20:117 on port B2
attempting to ping and Telnet to the workstation at FE80::20:2 is filtered
through the PACL instance of the "V6-01" ACL assigned to port B2, resulting
in the following:
HP Switch# ping6 fe80::20:2%vlan20
fe80:0000:0000:0000:0000:0000:0020:0002 is alive, time = 5 ms
HP Switch# telnet fe80::20:2%vlan20
Telnet failed: Connection timed out.
HP Switch#
Figure 10-52. Ping and Telnet from FE80::20:117 to FE80::20:2 Filtered by the
Assignment of "V6-01" as a PACL on Port B2
Shows the succesful ping permitted by ACE 10.
Indicates denied attempts to Telnet to FE80::20:2 via the instance of the "V6-
01" PACL assignment on port B2.
Indicates permitted attempts to reach any accessible destination via the
instance of the "V6-01" PACL assignment on port B2.
IPv4 Access Control Lists (ACLs)
5400zl Switch
VLAN 20
Port
B2
FE80::20:1
ACL "V6-01" assigned as
a PACL on port B2.
Enable ACL "Deny" Logging
FE80::20:117
10-123
Hide quick links:
Advertisement
Chapters
Table of Contents
