Security and authentication
11.4 IP access control list
SCALANCE XM-400/XR-500 Command Line Interface (CLI)
Configuration Manual, 11/2015, C79000-G8976-C252-10
715
Call up the command with the following parameters:
permit {any | ospf | vrrp | <protocol-type type(1-255)>} {any | host <src-ip> |
<network-src-ip> <mask>} {any | host <dest-ip> | <network-dest-ip> <mask>} [dscp
<value(0-63)>]
or
permit {any | host <src-ip> | <network-src-ip> <mask>} [{any | host <dest-ip> |
<network-dest-ip> <mask>}]
The parameters have the following meaning:
Forwarding of OSPF frames. -
Forwarding of VRRP frames.
Keyword for the protocol type
Allows all incoming frames
Keyword for a single IP address
Enter a valid IP address.
Enter a valid combination of IP
address and subnet mask.
Corresponding subnet mask
Allows all outgoing frames
Keyword for a single IP address
Enter a valid IP address.
Network destination address
Enter a valid combination of IP
address and subnet mask.
Corresponding subnet mask
Keyword for the Differentiated Services
-
Value for the Differentiated Services
0 ... 63
For information on names of addresses and interfaces, refer to the section "Interface
identifiers and addresses (Page 39)".
The IP access list has been configured.
Note
Subnet mask for individual hosts
If you create the rule for a single system (one IP address), you will need to specify the
subnet mask "255,255,
255,255". As an alternative, you can specify the keyword "host"
followed by the IP address.
To Next Page
Loading...
Need help?
General