Assistance in the Protection from Un-
authorized Access
112
6.8
Access Control Lists (ACL)
UM Basic Configuration L3P
Release
7.1
12/2011
DSCP field
IP precedence field
Note: If you are using IP ACLs at ports which are located in the HIPER-Ring
or which participate in the Ring/network coupling, you add the following rule
to the ACLs:
PERMIT
Protocol: UDP
Source IP: ANY
Destination IP: 0.0.0.0/32
Source port: 0
Destination port: 0
CLI command (1xx stands for 100..199):
access-list 1xx permit udp any eq 0
0.0.0.0 0.0.0.0 eq 0
Note: IP address masks in the rules of ACLs are inverse.
This means that if you want to mask a single IP address, you select the
netmask 0.0.0.0.
6.8.3 Description of MAC-based ACLs
While you use an ID number to identify IP-based ACLs, you use a unique
name of your choice to identify MAC-based ACLs.
MAC-based ACLs provide the following criteria for filtering:
Source MAC address with masks or all sources (any)
Destination MAC address or all destinations (any)
Ethernet type
To Next Page
Loading...
