beautypg.com

Displaying the configuration, Configuration example, Network requirements – H3C Technologies H3C SecBlade IPS Cards User Manual

Page 71

background image

64

To do…

Use the command…

Remarks

Configure the
OAA client
and the

internal

interface

Select System Management > Device
Management > OAA Configuration. Input
parameters in OAA Client Configuration

and Internal Interface Configuration to

complete OAA configuration.

Required

Configure
OAA

Test the
connectivity

Click the Test Connectivity button to test
the connectivity between the OAA client

and the server.

Required

Create security zones

Select System Management > Network
Management > Security Zone. Use the

Add button to create security zones and

add the interfaces of the SR6600 router

to the security zones.

Required
The interface list of the router is
sent to the OAA board (the

SecBlade IPS card in this case),

and you can add interfaces to

security zones.

Create a segment

Select System Management > Network
Management > Segment Configuration.

Click Add Segment. Select a segment
number, the internal zone, and the

external zone.

Required
You need to specify the internal
interface when creating the

segment. The internal interface
connects to the router.

Displaying the configuration

Use the following command in any view of the SecBlade IPS card to view the forwarding information of

the internal 10GE interface:

To do…

Use the command…

Display the running status and forwarding
information of the 10GE interface

display interface [ interface-name ]

Table 7 Use the following commands in any view of the router to view ACFP information.

To do…

Use the command…

Display the ACFP server information

display acfp server-info

Display the ACFP client information

display acfp client-info [ client-id ]

Display the ACFP policy information

display acfp policy-info [ client client-id [ policy-index ] |
dest-interface interface-type interface-number | global |
in-interface interface-type interface-number | out-interface

interface-type interface-number ] [ active | inactive ]

Display the ACFP rule information

display acfp rule-info { global | in-interface [ interface-type
interface-number ] | out-interface [ interface-type

interface-number ] | policy [ client-id policy-index ] }

Configuration Example

Network requirements

As shown in

Figure 45

, the router has one SRPU installed in slot 6, one switching board inserted in slot

1, and one SecBlade IPS card inserted in slot 11. The router uses GigabitEthernet 1/0/1 and

See also other documents in the category H3C Technologies Safety: