EasyManuals Logo

Dell Networking N4000 Series User Manual

Dell Networking N4000 Series
1460 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #631 background imageLoading...
Page #631 background image
Configuring Access Control Lists 631
following list has corrected rules that allow Telnet and UDP packets only and
rely on the implicit "deny all" after the end of the last access group to deny
other traffic.
ip access-list Host10-1-1-23
! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23
permit tcp 192.168.0.0 0.0.0.255 host 10.1.1.23 eq telnet
! Permit UDP traffic from 192.168.0.X network to host 10.1.1.23
permit udp 192.168.0.0 0.0.0.255 host 10.1.1.23
ACLs support TCP and UDP port matching using operators:
ip access-list Host10-1-1-23
! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23
permit tcp 192.168.0.0 0.0.0.255 host 10.1.1.23 eq telnet
! Permit UDP traffic from 192.168.0.X network to host 10.1.1.23
permit udp 192.168.0.0 0.0.0.255 host 10.1.1.23
ip access-list Host10-1-1-23
! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23
permit tcp 192.168.0.0 0.0.0.255 host 10.1.1.23 eq telnet
! Permit UDP traffic from 192.168.0.X network to host 10.1.1.23
permit udp 192.168.0.0 0.0.0.255 host 10.1.1.23
The range operator is inclusive of the specified port parameters.
ACLs support TCP flags. If multiple flags are set (+flag) in a single rule, only
packets with the all the same flags asserted are matched (logical AND).
Likewise, if multiple flags are cleared (–flag) in a single rule, only packets with
the same flags cleared are matched. The established keyword matches TCP
packets with either the RST or ACK bits set (logical OR). Flags that are
neither set nor cleared in the rule are not checked in the ACL (don't care or
wildcard).
ip access-list Host10-1-1-23
! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23
permit tcp 192.168.0.0 0.0.0.255 host 10.1.1.23 eq telnet
! Permit UDP traffic from 192.168.0.X network to host 10.1.1.23
permit udp 192.168.0.0 0.0.0.255 host 10.1.1.23
The following is an example rule to match TCP packets with the PUSH flag
asserted AND the RESET flag cleared. The other flags bits are "don't care":
ip access-list Host10-1-1-23

Table of Contents

Other manuals for Dell Networking N4000 Series

Preview: Getting Started Guide
Getting Started Guide378 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Dell Networking N4000 Series and is the answer not in the manual?

Dell Networking N4000 Series Specifications

General IconGeneral
LayerLayer 3
Switching CapacityUp to 1.28 Tbps
Operating Temperature0°C to 45°C (32°F to 113°F)
Storage Temperature-40°C to 70°C (-40°F to 158°F)
SeriesN4000 Series
StackingUp to 12 units
Power SupplyDual, hot-swappable
ManagementWeb, CLI, SNMP
Humidity10% to 90% (non-condensing)

Related product manuals