HP 7000 dl Router manual Lost

discard list <access list names> policy <access policy name>

All packets passed by the access list(s) entered and destined for the interface using the access policy listed will be blocked from the router system. This allows for configurations to deny packets on a specified interface.

nat source list <access list names> address <IP address> overload

All packets passed by the access list(s) entered will be modified to replace the source IP address with the entered IP address. The overload keyword allows multiple source IP addresses to be replaced with the single IP address entered. This hides private IP addresses from outside the local network.

nat source list <access list names> interface <interface> overload

All packets passed by the access list(s) entered will be modified to replace the source IP address with the primary IP address of the listed interface. The overload keyword allows multiple source IP addresses to be replaced with the single IP address of the specified interface. This hides private IP addresses from outside the local network.

nat destination list <access list names> address <IP address>

All packets passed by the access list(s) entered will be modified to replace the destination IP address with the entered IP address. The overload keyword is not an option when performing NAT on the destination IP address; each private address must have a unique public address. This hides private IP addresses from outside the local network.

Step 4:

Apply the created access policy to an interface. To assign an access policy to an interface, enter the interface configuration mode for the desired interface and enter access policy <policy name>. The following example assigns access policy MatchAll to the Ethernet 0/1 interface:

(config)#interface ethernet 0/1 (config-eth0/1)#access-policy MatchAll