112| Network Configuration Parameters AOS-W 6.5.3.x| User Guide
8. From the Firewall Policy section, select the policy from the in drop-down list through which inbound
traffic on this port must pass.
9. Select the policy from the out drop-down list through which outbound traffic on this port must pass.
10. To apply a policy to this session’s traffic on this port and VLAN, select the policy from the session drop-down list.
11. Click Apply.
In the CLI
In this example,
(host)(config) #interface range fastethernet <slot/module/port>
(host)(config-if)#switchport mode access
(host)(config-if)#no trusted
(host)(config-if)#switchport access vlan <vlan>
(host)(config-if)#no trusted vlan <vlan>
(host)(config-if)#ip access-group ap-acl session vlan <vlan>
(host)(config-if)#ip access-group validuserethacl in
(host)(config-if)#ip access-group validuserethacl out
(host)(config-if)#ip access-group validuser session
Configuring Trusted and Untrusted Ports and VLANs in Trunk Mode
The following procedures configure a range of Ethernet ports as untrusted native trunk ports, assign VLANs
and classify them as untrusted, and designate a policy through which VLAN traffic on the ports must pass.
In the WebUI
1. Navigate to the Configuration > Network > Ports window.
2. In the Port Selection section, click the port you want to configure.
3. For Port Mode select Trunk.
4. To specify the native VLAN, select a VLAN from the Native VLAN drop-down list.
5. Choose one of the following options to control the type of traffic the port carries:
   • Allow All VLANS Except: The port carries traffic for all VLANs except those from this drop-down list.
   • Allow VLANs: The port carries traffic for all VLANs selected from this drop-down list.
   • Remove VLANs: The port does not carry traffic for any VLANs selected from this drop-down list.
6. To designate untrusted VLANs on this port, click Trusted except. In the corresponding VLAN field, enter a
range of VLANs that you want to make untrusted, in this format: 200-300, 401-500, and so on. Only VLANs
listed in this range are untrusted. To designate only one VLAN as untrusted, select a VLAN
from the drop-down list.
7. To designate trusted VLANs on this port, click Untrusted except. In the corresponding VLAN field, enter a
range of VLANs that you want to designate as trusted, in this format: 200-300, 401-500, and so on. Only
VLANs listed in this range are trusted. To designate only one VLAN as trusted, select a VLAN
from the drop-down menu.
8. To remove a VLAN, click the Remove VLANs option and select the VLAN you want to remove from the
drop-down list. To add it back to the list, click the left arrow.
9. To designate the policy through which VLAN traffic must pass, click New under the Session Firewall
Policy field.
10. Enter the VLAN ID or select it from the associated drop-down list. Then, from the Policy drop-down list,
select the policy through which the VLAN traffic must pass and click Add. Both the selected VLAN and the
policy appear in the Session Firewall Policy field.
11. When you are finished listing VLANs and policies, click Cancel.
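The VLAN range format and the Trusted except / Untrusted except rules in steps 6 and 7 can be resolved offline to confirm which VLANs end up untrusted before the change is applied. The following Python is an added example, not part of the AOS-W guide or product; the function names, the mode labels, and the review rule that every untrusted VLAN should have a session firewall policy entry are assumptions, and the sample values are constructed.

```python
VLAN_MIN, VLAN_MAX = 1, 4094  # usable 802.1Q VLAN IDs

def parse_vlan_ranges(spec):
    """Parse a list such as '200-300, 401-500' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue
        lo, sep, hi = part.partition("-")
        try:
            first = int(lo)
            last = int(hi) if sep else first
        except ValueError:
            raise ValueError(f"not a VLAN or VLAN range: {part!r}") from None
        if not (VLAN_MIN <= first <= last <= VLAN_MAX):
            raise ValueError(f"range reversed or out of bounds: {part!r}")
        vlans.update(range(first, last + 1))
    return vlans

def untrusted_vlans(allowed, mode, listed):
    """Return the allowed VLANs that are untrusted on the trunk port.

    'trusted-except' (hypothetical label for step 6): only listed VLANs are untrusted.
    'untrusted-except' (hypothetical label for step 7): only listed VLANs are trusted.
    """
    if mode == "trusted-except":
        return allowed & listed
    if mode == "untrusted-except":
        return allowed - listed
    raise ValueError(f"unknown mode: {mode!r}")

def missing_session_policy(untrusted, session_policies):
    """Assumed review rule: list untrusted VLANs with no session policy entry."""
    return sorted(v for v in untrusted if v not in session_policies)

if __name__ == "__main__":
    # Constructed sample values, not taken from a real controller.
    allowed = parse_vlan_ranges("100-110, 200")
    listed = parse_vlan_ranges("100-102, 200")
    policies = {100: "validuser", 101: "validuser"}
    for mode in ("trusted-except", "untrusted-except"):
        result = untrusted_vlans(allowed, mode, listed)
        print(mode, sorted(result), "no policy:", missing_session_policy(result, policies))
```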