Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

[HSR6600 - CMv7] Cisco like Object group-based ACL

 
TomiKuku
Occasional Visitor

[HSR6600 - CMv7] Cisco like Object group-based ACL

Hi All,


Is it possible to configure ACL based on IP addresses grouping like in Cisco group-based ACL or Juniper prefix-list object?
Device is HSR6600 with HP Comware Software, Version 7.1.054, Release 7103

 

Thank You for all help,

1 REPLY
sdide
Respected Contributor

Re: [HSR6600 - CMv7] Cisco like Object group-based ACL

Hi TomiKuku

 

I don't see anywhere that the HSR6600 should support anything like Cisco Object groups for ACLs. You can however configure routing policies based on ip prefix-lists or ACLs. Since you're posting questions on a router platform I'm not sure I'm answering the right question.

 

You _can't_ do (like "Cisco object groups for ACL")

object-group network Web-Servers

  network-object 10.1.0.10 255.255.255.255
  network-object 10.1.1.10 255.255.255.255

object-group network Clients

  network-object 10.8.0.0 255.255.0.0
  network-object 10.9.0.10 255.255.0.0

 

access-list client_allow extended permit tcp object-group Clients object-group Web-Servers eq www

 

What you can do, is use ip prefix listing in routing policies.

 

so

ip prefix-list <somelistname> permit <ip> <mask>

...

 

and use this list in you policy routing, if you're so inclined.

 

Regards.

 

 

 

Søren Dideriksen, Network Administrator
Region Midtjylland