To Next Page

To Previous Page

10-115

IPv4 Access Control Lists (ACLs)

Enable ACL “Deny” Logging

Figure 10-45. Commands for Applying an ACL with Logging to Figure 10-44

HP Switch(config)# ip access-list extended NO-TELNET

HP Switch(config-ext-nacl)# remark "DENY 10.10.10.3 TELNET TRAFFIC IN"

HP Switch(config-ext-nacl)# deny tcp host 10.10.10.3 any eq telnet log

HP Switch(config-ext-nacl)# permit ip any any

HP Switch(config-ext-nacl)# exit

HP Switch(config)# vlan 10 ip access-group NO-TELNET in

HP Switch(config)# logging 10.10.20.3

HP Switch(config)# logging facility syslog

HP Switch(config)# debug destination logging

HP Switch(config)# debug destination session

HP Switch(config)# debug acl

HP Switch(config)# write mem

HP Switch(config)# show debug

Debug Logging

Destination:

Logging --

10.10.20.3

Facility = syslog

Session

Enabled debug types:

event

acl log

HP Switch(config)# show access-list config

ip access-list extended "NO-TELNET"

10 remark "DENY 10.10.10.3 TELNET TRAFFIC"

10 deny tcp 10.10.10.5 0.0.0.0 0.0.0.0 255.255.255.255 eq 23 log

20 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255

exit

Assigns the ACL named “NO-TELNET” as

an RACL to filter routed Telnet traffic from

10.10.10.3 entering the switch on VLAN 10.

HP J9574A Access Security Guide

Other manuals for HP J9574A