SROS Command Line Interface Reference Guide Loopback Interface Configuration Command Set

access-policy <policyname>

Use the access-policycommand to assign a specified access policy to an interface. Use the no form of this command to remove an access policy association.

Syntax Description

<policyname>

Alphanumeric descriptor for identifying the configured access policy (all access

 

policy descriptors are case-sensitive).

Default Values

By default, there are no configured access policies associated with an interface.

Command Modes

(config-interface)#

Interface Configuration Mode

 

Valid interfaces include: Ethernet (eth 0/1), virtual PPP interfaces (ppp 1), virtual

 

Frame Relay sub-interfaces (fr 1.20), loopback interfaces, and VLAN interfaces

 

(vlan 1)

Functional Notes

To assign an access policy to an interface, enter the interface configuration mode for the desired interface and enter access policy <policy name>.

Usage Examples

The following example associates the access policy UnTrusted (to allow inbound traffic to the Web server) to the loopback interface:

Enable the Secure Router OS security features:

(config)#ip firewall

Create the access list (this is the packet selector):

(config)#ip access-list extended InWeb (config-ext-nacl)#permit tcp any host 63.12.5.253 eq 80

Create the access policy that contains the access list InWeb:

(config)#ip policy-class UnTrusted (config-policy-class)#allow list InWeb

5991-2114

© Copyright 2005 Hewlett-Packard Development Company, L.P.

848

Page 848
Image 848
HP 7000 dl Router manual Copyright 2005 Hewlett-Packard Development Company, L.P 848