beautypg.com

Aspf configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

Page 585

background image

2

Figure 14 Add an ASPF policy

Table 9

describes the configuration items for creating an ASPF policy.

Table 9 ASPF policy configuration items

Item Description

Source Zone

Dest Zone

Select a source/destination zone to which the ASPF policy is to be
applied.

Discard ICMP error packets

Set whether to discard ICMP error packets

If this check box is not selected, ICMP error packets are allowed to
pass.

Discard non-SYN initial TCP packets

Set whether to discard initial TCP packets that are not SYN packets

If this check box is not selected, initial TCP packets that are not SYN
packets are allowed to pass.

ASPF Configuration Example

Network requirements

As shown in

Figure 15

, configure an ASPF policy between zone 1 and zone 2 to discard ICMP error

packets but permit initial TCP packets that are not SYN packets.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: