Mirror image acls – H3C Technologies H3C WX3000E Series Wireless Switches User Manual


Figure 904 ACL 3001 configuration on Device B

Figure 905 IPsec policy configuration on Device B

Mirror image ACLs

To make sure that SAs can be set up and that the traffic protected by IPsec locally can be processed correctly at the remote peer, create on the remote peer a mirror image ACL rule for each ACL rule created at the local peer. As shown in Figure 627, ACL rules on Device B are mirror images of the rules on Device A. This ensures that SAs can be created successfully for the traffic between Host A and Host C and the traffic between Network 1 and Network 2.

Figure 906 Mirror image ACLs

[Figure labels: Network 1 (1.1.1.0/24), Network 2 (2.2.2.0/24), IP network, Host A (1.1.1.1), Host B, Host C (2.2.2.2), Host D, Device A, Device B, GE0/1, GE0/2]

Mirror image ACLs at Device A GE0/1 and Device B GE0/2:

ACL1: rule permit 1.1.1.1 -> 2.2.2.2
ACL2: rule permit 1.1.1.0/24 -> 2.2.2.0/24

ACL1: rule permit 2.2.2.2 -> 1.1.1.1
ACL2: rule permit 2.2.2.0/24 -> 1.1.1.0/24
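
As an added example (not from the H3C manual), the Python script below checks that every ACL rule on one peer has a mirror image on the other. It parses the figure's shorthand notation rather than H3C CLI syntax; the function names, the assignment of the first rule pair to Device A, and the DEVICE_B_BROKEN list are assumptions constructed for illustration.

```python
import ipaddress
import re

# The figure's shorthand ("rule permit SRC -> DST"), not H3C CLI syntax.
RULE_RE = re.compile(r"rule\s+(permit|deny)\s+(\S+)\s*->\s*(\S+)")

def parse_rule(text):
    """Return (action, source network, destination network) for one rule."""
    m = RULE_RE.search(text)
    if m is None:
        raise ValueError(f"unrecognised rule: {text!r}")
    action, src, dst = m.groups()
    # A bare address such as 1.1.1.1 is normalised to a /32 host network.
    # strict=True rejects prefixes with host bits set (e.g. 1.1.1.1/24).
    return (action,
            ipaddress.ip_network(src, strict=True),
            ipaddress.ip_network(dst, strict=True))

def mirror(rule):
    """Swap source and destination, keeping the action."""
    action, src, dst = rule
    return (action, dst, src)

def unmirrored(local_rules, remote_rules):
    """Return the local rules that have no mirror image on the remote peer."""
    remote = {parse_rule(r) for r in remote_rules}
    return [r for r in local_rules if mirror(parse_rule(r)) not in remote]

def is_mirrored(a_rules, b_rules):
    """True only if each peer holds a mirror image of every rule on the other."""
    return not unmirrored(a_rules, b_rules) and not unmirrored(b_rules, a_rules)

# Rules as drawn in the figure (assumed: first pair belongs to Device A).
DEVICE_A = ["ACL1: rule permit 1.1.1.1 -> 2.2.2.2",
            "ACL2: rule permit 1.1.1.0/24 -> 2.2.2.0/24"]
DEVICE_B = ["ACL1: rule permit 2.2.2.2 -> 1.1.1.1",
            "ACL2: rule permit 2.2.2.0/24 -> 1.1.1.0/24"]

# Constructed misconfiguration: the host-to-host rule was never mirrored.
DEVICE_B_BROKEN = ["ACL2: rule permit 2.2.2.0/24 -> 1.1.1.0/24"]

if __name__ == "__main__":
    print("figure rules mirrored:", is_mirrored(DEVICE_A, DEVICE_B))
    for rule in unmirrored(DEVICE_A, DEVICE_B_BROKEN):
        print("no mirror image on remote peer:", rule)
```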
