Configuring AppleTalk
5. Select the interface for which the zone filter is to be defined from the port or slot/port pull down menu(s). In
this example, you are defining a permit zone filter for HR for interfaces 10 and 14, which have membership in
the Finance zone.
6. Enter the zone name to which access is to be permitted or denied. In this case, the zone name is HR.
7. Select either Deny or Permit. In this example, select Permit for interfaces 10 and 14.
8. Enable RTMP filtering to also filter on a network basis.
NOTE: When this filter is enabled on an interface, the denied network numbers are removed from the RTMP
packet before it is transmitted out of the interface. In this example, RTMP filtering is not desired, so this
option default is left as disabled.
9. Click the Apply button to apply the changes to the device’s running-config file.
10. Click on the Additional Zone Filter link in the tree view.
11. Select the interface for which the zone filter is to be defined, from the port or slot/port pull down menu(s). In
this example, define a deny zone filter for interfaces 10 and 14 to deny all other zones not specified in the
permit zone filter (steps 1 – 6 above).
12. Select either Deny or Permit. For this example, select Deny for interfaces 10 and 14.
13. Disable RTMP filtering.
14. Click the Apply button to apply the changes to the device’s running-config file.
15. Select the Save
link at the bottom of the dialog. Select Yes when prompted to save the configuration change
to the startup-config file on the device’s flash memory.
Network Filtering
EXAMPLE:
To deny access to the Finance server to users within the Marketing and Field Service zones on the network and to
prevent information about the zone and the network numbers from being forwarded out of interface 1/1 (Figure
15.2), use one of the following methods.
USING THE CLI
HP9300(config-if-1/1)# appletalk deny zone finance rtmp-filtering
USING THE WEB MANAGEMENT INTERFACE
To enable RTMP filtering on an interface, define the filter as usual, then enable the RTMP filtering option on the
AppleTalk Zone Filter panel.
Routing Between AppleTalk VLANs Using Virtual Interfaces
In addition to supporting AppleTalk VLANs, the routing switches support routing between AppleTalk VLANs using
virtual interfaces. The virtual interfaces provide VLANs access to the router functions of routing switches. Using
these virtual interfaces eliminates the need to assign a physical port for routing between local VLANs.
AppleTalk routing between virtual and physical interfaces is also supported.
EXAMPLE:
In Figure 15.3, AppleTalk traffic is terminating on ports 1/1 through 1/4. Suppose you want to group all of these
interfaces into an AppleTalk protocol VLAN and route traffic to VLANs on other routing switches.
To do so, perform the following steps:
1. Create an AppleTalk protocol VLAN with port membership of ports 1, 2, 3, and 4.
2. Assign a virtual interface to the AppleTalk VLAN to allow it to route traffic to AppleTalk VLANs on remote
routing switches.
15 - 13