SROS Command Line Interface Reference Guide

Global Configuration Mode Command Set

 

 

ip firewall

Use the ip firewall command to enable Secure Router OS security features including access control policies and lists, Network Address Translation (NAT), and the stateful inspection firewall. Use the no form of this command to disable the security functionality.

Note

Disabling the Secure Router OS security features (using the no ip firewall command) does

 

not affect security configuration. All configuration parameters will remain intact, but no

 

security data processing will be attempted.

 

 

 

 

Note

Regarding the use of IKE negotiation for VPN with ip firewall enabled, there can be up to

 

six channel groups with 2-8 interfaces per group. Dynamic protocols are not yet supported

 

(only static). A physical interface can be a member of only one channel-group.

 

 

Syntax Description

No subcommands.

Default Values

By default, all Secure Router OS security features are disabled.

Command Modes

(config)#

Global Configuration Mode

5991-2114

© Copyright 2005 Hewlett-Packard Development Company, L.P.

271

Page 270 Page 272
Page 271
Image 271
HP 7000 dl Router manual Ip firewall, Security data processing will be attempted
Page 270 Page 272
Top Page Image Contents