Configuration considerations, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 571
546
Configuration considerations
To meet these requirements:
•
Configure ACL 3101 to match TCP packets and ACL 3102 to match all packets.
•
Configure node 5 of the policy to send the inbound packets matching ACL 3101 to GigabitEthernet
0/2.
•
Configure node 10 of the policy not to process the inbound packets matching ACL 3102.
•
Apply the policy on GigabitEthernet 0/1.
Configuration procedure
1.
Configure IP addresses for interfaces and configure security zones. (Details not shown.)
2.
Define the ACLs:
# Create ACL 3101.
{
Select Firewall > ACL from the navigation tree, and then click Add. Then make the following
configurations as shown in
{
Enter 3101 for ACL Number.
{
Select Config for Match Order.
{
Click Apply.
Figure 309 Creating ACL 3101
# Define rules for ACL 3101.
{
Click the
icon of ACL 3101 in the ACL list page. Then click Add and perform the following
configurations as shown in
.
{
Select Permit for Operation.
{
Select 6 TCP for Protocol.
{
Click Apply.