ACL Application Example Configuring ACLs
page 41-22 OmniSwitch AOS Release 6 Network Configuration Guide September 2009
ACL Application Example
In this application for IP filtering, a policy is created to deny Telnet traffic from the outside world to an
engineering group in a private network.
Set up a policy rule called outside to deny Telnet traffic to the private network.
1 Create a policy service (traffic_in) for traffic originating from the well-known Telnet port number 23.
-> policy service traffic_in destination ip port 23 protocol 6
2 Create a policy condition (outside_cond) that references the service.
-> policy condition outside_cond service traffic_in
3 Create a policy action (outside_action) to deny the traffic.
-> policy action outside_action disposition drop
4 Then combine the condition and the action in a policy rule (outside).
-> policy rule outside condition outside_cond action outside_action
An example of what these commands look like together on consecutive command lines:
-> policy service traffic_in source ip port 23 protocol 6
-> policy condition outside_cond service traffic_in
-> policy action outside_action disposition drop
-> policy rule outside condition outside_cond action outside_action
traffic originating from the public net-
work destined for the private network
Public Network
(The Internet)
OmniSwitch
Private Network
(Engineering)
To Next Page
Loading...
