Configuration considerations, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 571
546
Configuration considerations
To meet these requirements:
•
Configure ACL 3101 to match TCP packets and ACL 3102 to match all packets.
•
Configure node 5 of the policy to send the inbound packets matching ACL 3101 to GigabitEthernet
0/2.
•
Configure node 10 of the policy not to process the inbound packets matching ACL 3102.
•
Apply the policy on GigabitEthernet 0/1.
Configuration procedure
1.
Configure IP addresses for interfaces and configure security zones. (Details not shown.)
2.
Define the ACLs:
# Create ACL 3101.
{
Select Firewall > ACL from the navigation tree, and then click Add. Then make the following
configurations as shown in
{
Enter 3101 for ACL Number.
{
Select Config for Match Order.
{
Click Apply.
Figure 309 Creating ACL 3101
# Define rules for ACL 3101.
{
Click the
icon of ACL 3101 in the ACL list page. Then click Add and perform the following
configurations as shown in
.
{
Select Permit for Operation.
{
Select 6 TCP for Protocol.
{
Click Apply.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer