Using Access Control Lists for Security 315

Table 26 Commonly Used IP Protocol Numbers (continued)

IP Protocol Number    Protocol
89                    Open Shortest Path First (OSPF) protocol
103                   Protocol Independent Multicast (PIM)
112                   Virtual Router Redundancy Protocol (VRRP)
115                   Layer Two Tunneling Protocol (L2TP)

For a complete list of IP protocol numbers, see www.iana.org/assignments/protocol-numbers.

8. Click Finish.

Adding ACEs to an ACL

The order in which ACEs are listed in an ACL is critical. An ACE that is higher in the list is executed prior to ACEs lower in the list. When you create an ACL, the ACEs are listed in the order in which you created them. You can change the order of ACEs using the ACL Setup page.

To add ACEs to an ACL and organize them

1. In the ACL Setup page, select an ACE from the list of ACEs.

2. If you have not already typed the ACL name in the ACL Name box, do so now.

3. To change the position of the ACE, click Move Up or Move Down until the ACE is in the position you want.

4. To move other ACEs, repeat step 1 and step 3 until all ACEs are in the order you want.

An ACL contains an implicit rule that denies all access. If you create an ACL with multiple ACEs, the implicit rule is placed at the end of the ACE list.

5. To close the Create ACL wizard, click Finish.
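The following added example (not taken from this manual or from the product) models why ACE order matters and how the implicit deny at the end of the list behaves, and flags ACEs that an earlier, broader ACE makes unreachable. It assumes the usual first-match ACL semantics; the Ace fields, function names, and addresses are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

@dataclass(frozen=True)
class Ace:
    action: str               # "permit" or "deny"
    source: str               # source network in CIDR form
    protocol: Optional[int]   # IP protocol number; None means any protocol

    def matches(self, src: str, proto: int) -> bool:
        return (ip_address(src) in ip_network(self.source)
                and self.protocol in (None, proto))

    def covers(self, other: "Ace") -> bool:
        # True if every packet matched by `other` is also matched by this ACE.
        return (ip_network(other.source).subnet_of(ip_network(self.source))
                and self.protocol in (None, other.protocol))

def evaluate(acl: List[Ace], src: str, proto: int) -> str:
    # Assumption: the first matching ACE decides the outcome.
    for ace in acl:
        if ace.matches(src, proto):
            return ace.action
    return "deny"  # implicit rule at the end of every ACL

def shadowed(acl: List[Ace]) -> List[int]:
    # Positions of ACEs that can never take effect because an earlier ACE
    # already matches everything they match.
    return [i for i, ace in enumerate(acl)
            if any(earlier.covers(ace) for earlier in acl[:i])]

OSPF, VRRP = 89, 112  # protocol numbers from Table 26

# Constructed sample ACEs.
deny_lab = Ace("deny", "10.1.0.0/16", None)
permit_ospf = Ace("permit", "10.1.5.0/24", OSPF)
permit_vrrp = Ace("permit", "10.2.0.0/16", VRRP)

AS_CREATED = [deny_lab, permit_ospf, permit_vrrp]   # order of creation
REORDERED = [permit_ospf, deny_lab, permit_vrrp]    # specific ACE moved up

if __name__ == "__main__":
    for name, acl in (("as created", AS_CREATED), ("reordered", REORDERED)):
        print(name, "OSPF from 10.1.5.7 ->", evaluate(acl, "10.1.5.7", OSPF),
              "| shadowed ACE positions:", shadowed(acl))
```

In the creation order the broad deny sits above the OSPF permit, so the permit never takes effect; moving the specific ACE up restores it while everything unmatched still falls through to the implicit deny.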

Mapping ACLs

User-based ACLs are mapped to particular users at the time of authorization. You can also map ACLs to ports (or port groups), VLANs, or virtual ports. These types of ACLs are processed after user-based ACLs because user-based ACLs are more specific.
