Configuring Rights
See Appendix B, “Filter Expression Syntax” for details of the tcpdump syntax.
Note: Tcpdump syntax is case sensitive. All keywords must be in lower-case to be recognized.
Step 6. If you have changed the Outside World filter, click Save to replace the current Outside World
filter definition. To save this filter as a new filter, click
Save as Copy.
If you have created a new Allowed Traffic filter, make sure you enable it for the Guest Access
Access Policy by selecting it under the Allowed Traffic tab for the Access Policy.
Setting Up HTTP Proxy Filters
If you plan to allow guests to access your network, or to access the Internet via your network, you may
want to configure the automatic HTTP proxy feature to enforce the use of an internal HTTP proxy server
(within your network) without requiring a specific configuration on the client.
Note: To use this feature, you must first configure a proxy server for each Access Controller through
which Guests may access your network. This is configured under the Network configuration pages (see
—Automatic HTTP Proxy Server Specification“ on page 6-26).
The example discussed here creates a proxy filter specification for the Guest Access Access Policy that
does the following:
• Specifies that the 700wl Series system should listen for HTTP traffic on ports 3128 and 8080.
• Specifies a set of filters for HTTP traffic that allows HTTP traffic to the Internet, but denies traffic to the
192.168.x.x network and to sites at companyB.com (with the exception of two specific addresses—
192.168.1.21 and www.companyB.com). The set of filters work as follows:
— Allow HTTP traffic to the CompanyB web site at www.companyB.com.
— Allow HTTP traffic to IP address 192.168.1.21
— Deny HTTP traffic to all other addresses on the 192.168.x.x subnet
— Deny HTTP traffic to any locations on companyB.com (except for www.companyB.com, which is
allowed by the previous filters)
— Allow all other HTTP traffic
To configure HTTP proxy filtering for the Guest Access Access Policy, do the following:
Step 1. Click Rights to display the Rights Setup page, then click the Guest Access Access Policy to display
the Edit Access Policy page.
Step 2. Select the HTTP Proxy tab.
Figure 4-43 shows the HTTP proxy tab for the Guest Access Access Policy after the set of required
proxy filters have been created.
By default, only the Allow All and Deny All filters will be present, with Deny All selected.
HP ProCurve Secure Access 700wl Series Management and Configuration Guide 4-83
