ACL
ACL Rule
Cisco WAP571/E Administration Guide
• Rule—Choose New Rule to configure a new rule for the selected ACL.
When an ACL has multiple rules, the rules are applied to the packet or frame
in the order in which you add them to the ACL. There is an implicit deny all
rule as the final rule.
• Action—Choose whether the ACL rule permits or denies an action.
- When you choose Permit, the rule allows all traffic that meets the rule
criteria to enter the WAP device. Traffic that does not meet the criteria is
dropped.
- When you choose Deny, the rule blocks all traffic that meets the rule criteria
from entering the WAP device. Traffic that does not meet the criteria is
forwarded unless this rule is the final rule. Because there is an implicit deny
all rule at the end of every ACL, traffic that is not explicitly permitted is
dropped.
• Match Every Packet—If enabled, the rule, which has either a permit or a
deny action, matches the frame or packet regardless of its contents. If you
enable this feature, you cannot configure any additional match criteria. This
option is selected by default for a new rule. You must disable the option to
configure other match fields.
• Protocol—Uses a Layer 3 or Layer 4 protocol match condition based on the
value of the IP Protocol field in IPv4 packets or the Next Header field in IPv6
packets. You can choose one of these options or choose Any:
- Select From List—Choose one of these protocols: IP, ICMP, IGMP, TCP, or
UDP.
- Match to Value—Enter a standard IANA-assigned protocol ID from 0 to
255. Choose this method to identify a protocol not listed by name in the
Select From List.
• Source IP—Requires the packet's source IP address to match the address
defined in the appropriate fields.
- Source IP Address—Enter the IP address to which this criterion applies.
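
The rule ordering, Match Every Packet default and implicit deny all described above, modelled as an added example (not Cisco's code or the device's implementation). It assumes the first matching rule decides the outcome and that the source is written as a CIDR prefix; `Rule`, `evaluate` and `unreachable_rules` are hypothetical names, and the addresses are constructed samples.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# IANA numbers for the named protocols in "Select From List" ("IP" omitted here).
PROTO = {"ICMP": 1, "IGMP": 2, "TCP": 6, "UDP": 17}

@dataclass
class Rule:
    action: str                      # "permit" or "deny"
    match_every: bool = True         # Match Every Packet, on by default
    protocol: Optional[int] = None   # Match to Value (0-255); None means Any
    source: Optional[str] = None     # assumption: source written as a CIDR prefix

    def __post_init__(self):
        if self.match_every and (self.protocol is not None or self.source):
            raise ValueError("disable Match Every Packet to set match fields")
        if self.protocol is not None and not 0 <= self.protocol <= 255:
            raise ValueError("protocol ID must be 0-255")

    def matches(self, proto: int, src: str) -> bool:
        if self.match_every:
            return True
        if self.protocol is not None and proto != self.protocol:
            return False
        if self.source is not None:
            return ipaddress.ip_address(src) in ipaddress.ip_network(self.source)
        return True

def evaluate(acl, proto, src):
    """Return (action, rule index); index None is the implicit deny all."""
    for i, rule in enumerate(acl):
        if rule.matches(proto, src):   # assumption: first matching rule decides
            return rule.action, i
    return "deny", None

def unreachable_rules(acl):
    """Indexes of rules that sit after a Match Every Packet rule."""
    for i, rule in enumerate(acl):
        if rule.match_every:
            return list(range(i + 1, len(acl)))
    return []

# Constructed sample: block one host, permit TCP from the rest of its subnet.
ACL_OK = [Rule("deny", False, source="192.0.2.50/32"),
          Rule("permit", False, protocol=PROTO["TCP"], source="192.0.2.0/24")]
# The same rules entered after a rule left at its Match Every Packet default.
ACL_SHADOWED = [Rule("permit")] + ACL_OK
```

`evaluate(ACL_SHADOWED, 6, "192.0.2.50")` returns `("permit", 0)`: the host that `ACL_OK` blocks is let through, and `unreachable_rules(ACL_SHADOWED)` flags both later rules as never evaluated.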