Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 7000 dl Router Series
271272273274275276277278279280
SROS Command Line Interface Reference Guide Global Configuration Mode Command Set
5991-2114 © Copyright 2005 Hewlett-Packard Development Company, L.P. 271
ip firewall
Use the ip firewall command to enable Secure Router OS security features including access control
policies and lists, Network Address Translation (NAT), and the stateful inspection firewall. Use the no
form of this command to disable the security functionality.
Syntax Description
No subcommands.
Default Values
By default, all
Secure Router OS
security features are disabled.
Command Modes
(config)# Global Configuration Mode
Note
Disabling the Secure Router OS security features (using the no ip firewall command) does
not affect security configuration. All configuration parameters will remain intact, but no
security data processing will be attempted.
Note
Regarding the use of IKE negotiation for VPN with ip firewall enabled, there can be up to
six channel groups with 2-8 interfaces per group. Dynamic protocols are not yet supported
(only static). A physical interface can be a member of only one channel-group.