EasyManuals Logo

Foundry Networks Switch and Router User Manual

Default Icon
1070 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1025 background imageLoading...
Page #1025 background image
Policies and Filters
December 2000 C - 21
• If you configure them on Layer 2 and Layer 3 Switches, you specify the source and destination IP address of
the hosts or servers for which you are controlling access.
• If you configure Layer 4 policies on a ServerIron configured for Server Load Balancing (SLB), you specify the
virtual IP address (VIP) associated with the real servers.
Figure C.3 shows an example of TCP/UDP access policies. Although this example does not explicitly identify
these policies as inbound policies or outbound policies, when you apply the policies to individual ports you specify
whether they are for inbound or outbound traffic.
Figure C.3 TCP/UDP Access Policies
Actions
TCP/UDP access policies forward (permit) or drop (deny) IP packets based on the Layer 4 application information
in the packets.
Scope
You configure TCP/UDP access policies globally, then apply them to individual ports. When you apply a TCP/
UDP policy to a port, you specify whether the policy applies to inbound or outbound packets. You can use the
same policy in a port’s inbound policy group and outbound policy group. When you configure a policy group, you
3
5
4
2
Link
Activity
61
7
8
Link
Activity
Link
Activity
Link
Activity
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
Link
Activity
Link
Activity
Link
Activity
Link
Activity
3
5
4
2
61
7
8
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
3
5
4
2
Link
Activity
61
7
8
Link
Activity
Link
Activity
Link
Activity
3
5
4
2
Link
Activity
61
7
8
Link
Activity
Link
Activity
Link
Activity
3
5
4
2
Link
Activity
61
7
8
Link
Activity
Link
Activity
Link
Activity
Link
Activity
13 6
7
8
5
4
2
Pwr
Link
Activity
Link
Activity
Link
Activity
TCP/UDP Access Policy Group for Port 3/1
PolicyID Action Source Destination TCP/UDP Port
--------------------------------------------------------------------------------------------------------------
3 Deny 209.157.22.26/24 any
17 Deny 209.157.22.14/24 any
34 Deny 209.157.22.26/24 201.21.2.7/24 tcp eq ftp
1024 Permit any any
Source:
209.157.22.69/24
Dest:
201.21.2.7/24
TCP eq FTP
201.21.2.7/24
Source:
192.168.69.69/24
Dest:
201.21.2.7/24
TCP eq FTP
Source:
209.157.22.69/24
Dest:
201.21.2.7/24
TCP eq FTP
Source:
209.157.22.11/24
Dest:
201.21.2.7/24
TCP eq HTTP
Permitted
Server
--HTTP
--FTP
Denied
Denied
Bit
Bucket
Source:
209.157.22.26/24
Dest:
201.21.2.7/24
TCP eq HTTP

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Foundry Networks Switch and Router and is the answer not in the manual?

Foundry Networks Switch and Router Specifications

General IconGeneral
BrandFoundry Networks
ModelSwitch and Router
CategorySwitch
LanguageEnglish

Related product manuals