Configuring the Switch
3-86
3
Web
– Specify the action (i.e., Permit or Deny). Specify the source and/or
destination addresses. Select the address type (Any, Host, or IP). If you select
“Host,” enter a specific address. If you select “IP,” enter a subnet address and the
mask for an address range. Set any other required criteria, such as service type,
protocol type, or TCP control code. Then click Add.
Figure 3-50 ACL Configuration - Extended IP
CLI
– This example adds two rules:
(1) Accept any incoming packets if the source address is in subnet 10.7.1.x. For
example, if the rule is matched; i.e., the rule (10.7.1.0 & 255.255.255.0) equals
the masked address (10.7.1.2 & 255.255.255.0), the packet passes through.
(2) Allow TCP packets from class C addresses 192.168.1.0 to any destination
address when set for destination TCP port 80 (i.e., HTTP).
(3) Permit all TCP packets from class C addresses 192.168.1.0 with the TCP control
code set to “SYN.”
Console(config-ext-acl)#permit 10.7.1.1 255.255.255.0 any
4-105
Console(config-ext-acl)#permit tcp 192.168.1.0 255.255.255.0 any
destination-port 80
Console(config-ext-acl)#permit tcp 192.168.1.0 255.255.255.0 any
control-flag 2 2
Console(config-std-acl)#
Summary of Contents for 24/48 10/100 Ports + 2GE
Page 2: ......
Page 4: ...ES3526XA ES3552XA F2 2 6 3 E122006 CS R02 149100005500H...
Page 18: ...Contents xiv...
Page 22: ...Tables xviii...
Page 26: ...Figures xxii...
Page 34: ...Introduction 1 8 1...
Page 44: ...Initial Configuration 2 10 2...
Page 242: ...Configuring the Switch 3 198 3...
Page 498: ...Software Specifications A 4 A...
Page 511: ......
Page 512: ...ES3526XA ES3552XA E122006 CS R02D 149100005500H...