382| Roles and Policies AOS-W 6.5.3.x| User Guide
6. To limit the service alias to a specific application, click the Application Level Gateway (ALG) drop-down
list and select one of the following service types
n dhcp: Service is DHCP
n dns: Service is DNS
n ftp: Service is FTP
n h323: Service is H323
n noe: Service is Alcatel NOE
n rtsp: Service is RTSP
n sccp: Service is SCCP
n sip: Service is SIP
n sips: Service is Secure SIP
n svp: Service is SVP
n tftp: Service is TFTP
n vocera: Service is VOCERA
7. Click Apply to save your changes.
In the CLI
To define a service alias via the command-line interface, issue the following command:
(h
ost
)(c
onfi
g)
#n
ets
erv
ice
<n
ame
>
<
prot
oco
l>|
tcp
|ud
p
{
lis
t
<
port
>,<
por
t>}
|{<
por
t>
[<p
ort
>]}
[ALG <service>]
Creating an ACL White List
The ACL White List consists of rules that explicitly permit or deny session traffic from being forwarded to or
blocked from the switch. The white list protects the switch during traffic session processing by prohibiting
traffic from being automatically forwarded to the switch if it was not specifically denied in a blacklist. The
maximum number of entries allowed in the ACL White List is 64. To create an ACL white list, you must first
define a white list bandwidth contract, and then assign it to an ACL.
Creating a Bandwidth Contract in the WebUI
1. Navigate to the Configuration > Advanced Services > Stateful Firewall > White List BW Contracts
page.
2. Click Add to create a new contract.
3. In the White list contract name field, enter the name of a bandwidth contract.
4. The Bandwidth Rate field allows you to define a bandwidth rate in either kbps or Mbps. Enter a rate value
the Bandwidth rate field, then click the drop-down list and select either kbps or Mbps.
5. Click Done.
Configuring the ACL White List in the WebUI
1. Navigate to the Configuration > Stateful Firewall> ACL White List page.
2. To add an entry, click the Add button at the bottom of the page. The Add New Protocol section displays.
3. Click the Action drop-down list and select Permit or Deny. Permit allows session traffic to be forwarded
to the switch while Deny blocks session traffic.
4. Click the IP Version drop-down list and select theIPv4 or IPv6 filter. You need to select one of three
following choices from the Source drop-down list:
l For a specific IPv4 or IPv6 filter, select IP/Mask. Enter the IP address and mask of the IPv4 or IPv6 filter
in the corresponding fields.
To Next Page
Loading...