Configuring the ECN330-switch
156 1553-KDU 137 365 Uen D 2006-06-16
CLI – This example restricts management access for Telnet clients.
6.6 Access Control Lists
Access Control Lists (ACLs) provide packet filtering for IP frames (based on
address, protocol, Layer 4 protocol port number or TCP control code), for any
frames (based on MAC address or Ethernet type), or for frame types within a
specified VLAN. To filter incoming packets, first create an access list, add the
required rules, specify a mask to modify the precedence in which the rules are
checked, and then bind the list to a specific port.
6.6.1 Configuring Access Control Lists
An ACL is a sequential list of permit or deny conditions that apply to IP
addresses, MAC addresses, or other more specific criteria. The ECN330-switch
tests ingress or egress packets against the conditions in an ACL one by one. A
packet is accepted as soon as it matches a permit rule, or dropped as soon as
it matches a deny rule. If no rule matches and the list contains only permit
rules, the packet is dropped; if no rule matches and the list contains only
deny rules, the packet is accepted.
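The matching behaviour described above can be modelled as follows. This is an added example, not code from this manual or from the switch software. It assumes rules are checked in list order and match on source address only, and the sample lists are constructed. Because the text does not state the default for a list that mixes permit and deny rules, the model reports that case as unspecified.

```python
"""Added illustration: first-match ACL evaluation and its default verdict."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

PERMIT, DENY = "permit", "deny"    # rule actions
ACCEPT, DROP = "accept", "drop"    # packet verdicts


@dataclass(frozen=True)
class Rule:
    action: str   # PERMIT or DENY
    source: str   # source network in CIDR form (simplification: one field only)


def evaluate(acl, src_ip):
    """Return (verdict, reason); verdict is None where the default is not stated."""
    for index, rule in enumerate(acl, start=1):
        if ip_address(src_ip) in ip_network(rule.source):
            # The first matching rule decides; later rules are never consulted.
            return (ACCEPT if rule.action == PERMIT else DROP), f"rule {index}"
    actions = {rule.action for rule in acl}
    if actions == {PERMIT}:
        return DROP, "no match in all-permit list"
    if actions == {DENY}:
        return ACCEPT, "no match in all-deny list"
    return None, "no match; default not stated for this list"


def shadowed_rules(acl):
    """1-based positions of rules that can never match because an earlier
    rule already covers their whole source network."""
    nets = [ip_network(rule.source) for rule in acl]
    return [pos + 1 for pos, net in enumerate(nets)
            if any(net.subnet_of(earlier) for earlier in nets[:pos])]


# Constructed sample lists (addresses are illustrative only).
ALLOW_ONLY = [Rule(PERMIT, "192.168.1.0/24")]
DENY_ONLY = [Rule(DENY, "10.0.0.0/8")]
SHADOWED = [Rule(PERMIT, "192.168.1.0/24"), Rule(DENY, "192.168.1.66/32")]

if __name__ == "__main__":
    for name, acl, ip in [("ALLOW_ONLY", ALLOW_ONLY, "172.16.0.5"),
                          ("DENY_ONLY", DENY_ONLY, "172.16.0.5"),
                          ("SHADOWED", SHADOWED, "192.168.1.66")]:
        print(name, ip, evaluate(acl, ip), "shadowed:", shadowed_rules(acl))
```

A deny-only list accepts everything it does not name, and in the third list the host-specific deny never takes effect because the broader permit ahead of it matches first.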
A mask must be configured for an ACL rule before the rule can be bound to a
port or used to set the queue or frame priorities associated with it. This is done by
Console(config)#management telnet-client 192.168.1.19
Console(config)#management telnet-client 192.168.1.25 192.168.1.30
Console#show management all-client
Management IP Filter
 HTTP-Client:
   Start IP address       End IP address
 -----------------------------------------------
 SNMP-Client:
   Start IP address       End IP address
 -----------------------------------------------
 TELNET-Client:
   Start IP address       End IP address
 -----------------------------------------------
 1. 192.168.1.19          192.168.1.19
 2. 192.168.1.25          192.168.1.30
Console#