beautypg.com

Logging acl activity, Overview, Logging acl activity -15 – Avaya 580 User Manual

Page 435: Overview -15

background image

Document No. 10-300077, Issue 2

13-15

Configuring Access Lists

3. Enter a number between 100 and 199 (or Alphanumeric) (extended

ACL) in the Access List Name field to identify your new access control
list.

4. Enter a number in the Access Rule Index file to identify the access rule.

5. Select Deny/Filter from the Access Type field pull-down menu.

6. Enter the source address (10.1.2.0) and the source address wildcard

(0.0.0.255), respectively, in the Source Address field.

7. Enter the destination address (10.1.1.0) and the destination address

wildcard (0.0.0.255), respectively, in the Dest Address field.

8. Click CREATE to save your changes, or CANCEL to restore previous

settings. Once you create both access rules, all traffic between subnet
10.1.1.0 and 10.1.2.0 is deny/filtered.

*Note: Traffic between any other 10.1.x.0 subnets are not filtered

because the access rules only deny/filter traffic between
subnets 10.1.1.0 and 10.1.2.0.

To deny/filter traffic to a specific address and not to an
entire subnet, you must specify the destination IP address
of the network node, and use a subnet wildcard of 0.0.0.0.

To deny/filter all traffic, you must specify a destination
address of 0.0.0.0 and a wildcard of 255.255.255.255.
This is useful if you want to filter all traffic except traffic
that matches a previous rule. Ensure that you do not make
this your first rule, since ACL rules are read from the top
down and stop after the first rule match, which ignores all
subsequent rules.

Logging ACL Activity

Overview

You can log information about packets that match specific rules in the
active access control list (ACL). Each log entry contains the following
information:

Source and destination IP address.

Protocol ID (RFC 1700 defines these ID numbers).

Time that the match occurred.

Index number of the access rule that was matched.

This manual is related to the following products: