Filter
Top Products
Configuring Rights
Note: Redirected Traffic filters are evaluated in the order that they appear in the Redirected traffic
list of each Access Policy. When a packet matches a Redirect filter, it is immediately redirected to
the appropriate destination. Therefore, an incorrect ordering of Redirect filters could cause some
filters never to be evaluated. For example, if a more general filter is evaluated before a more
specific filter, packets could be redirected due to matching the general filter, and never be evaluated
by the more specific filter.
Reordering the filter list affects only the Access Policy that is currently being created. Each Access
Policy may use a different ordering of Redirect filters.
» To create a new filter, click the New Filter... button at the bottom of the table.
» To edit a filter, click the filter name or the pencil icon at the end of the row. This takes you directly to
the Edit Filters page. Note that if the filter is one of a DNS or WINS filter pair, this takes you to the Edit
Filters page for the pair.
The 700wl Series system provides a number of predefined Redirected Traffic filters, as listed in Table 4-20.
Table 4-20. Predefined Redirected Traffic Filters
Redirected Traffic Filter Description
AC HTTP Logon redirect Redirects most HTTP requests (on port 80) to the Access Controller
logon page on port 82. Web requests to address 42.0.0.1 are not
redirected so the system can be configured on startup.
AC HTTPS Logon redirect Redirects most HTTPS requests on port 443, the standard SSL port,
to the Access Controller SSL logon page on port 443.
AC Internal blocker Redirects HTTP requests intended for addresses within the Access
Control Server subnet (@INTRANET@) to the Access Controller
Stop page.
AC Logon page shortcut Redirects HTTP requests intended for 1.1.1.1 port 80 to the Access
Controller logon page.
AC No SSL Web Redirects all HTTPS requests on port 443, the standard SSL port, to
the Access Controller SSL Stop page.
AC No Web Redirects all HTTP requests on port 80 to the Access Controller Stop
page.
BlackHole Redirects all requests except for DHCP, DNS, Stop page and HTTP
requests to 0.0.0.0. This effectively prevents network access.
ACS-to-AC Logon redirect Redirects requests intended for the Access Control Server SSL
logon port (443) to the Access Controller SSL logon port. This
redirect is needed to allow the Access Controller logon process to
use the Access Control Server‘s SSL certificate.
ACS-to-AC Stop redirect Redirects requests intended for the Access Control Server Stop port
(81) to the Access Controller Stop port. This redirect is needed to
allow Stop page redirects to succeed when Distributed Logons are
in use.
No external rights UI Redirects Rights Manager UI access requests to the SSL Stop page
No internal admin UI Redirects Administrative Interface access requests via 42.0.0.1
(@INTERNAL@) to the Access Control Server SSL Stop page
4-54 HP ProCurve Secure Access 700wl Series Management and Configuration Guide