Examples, Figure 71: acl example 1 – Allied Telesis AT-S62 User Manual

Chapter 15: Access Control Lists

Section II: Advanced Operations

❑ The order in which you add ACLs to a port does not matter. An ingress packet is compared against all the ACLs assigned to a port.

❑ A classifier can be assigned to multiple ACLs. However, a classifier cannot be assigned more than once to a port. Put another way, ACLs that have the same classifier cannot be assigned to the same port.

❑ The switch can store up to 64 ACLs.

Examples

This section contains several examples of ACLs.

In this example, port 4 is assigned a deny ACL for the subnet 149.11.11.0.
This ACL prevents the port from accepting any traffic originating from
that subnet. Since this is the only ACL applied to the port, all other traffic
is accepted. As explained earlier, a port automatically accepts all packets
that do not meet the criteria of the classifiers assigned to its ACLs.

Figure 71 ACL Example 1

Create Access Control Lists (ACL)

1 - ACL ID ................. 4
2 - Description .......... 149.11.11-deny
3 - Action .................. Deny
4 - Classifier List ...... 22
5 - Port List .............. 4

Create Classifier

01 - Classifier ID: ..... 22
02 - Description: ...... 149.11.11 flow
.
.
12 - Src IP Addr: ..... 149.11.11.0
13 - Src IP Mask ..... 255.255.255.0
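
The following Python model is an added example, not part of the manual or the AT-S62 software. It checks a planned ACL set against the rules listed above and evaluates ingress packets for Example 1. The class and function names are hypothetical, and it assumes only Deny ACLs with source-IP classifiers, as in Figure 71.

```python
import ipaddress
from dataclasses import dataclass

MAX_ACLS = 64  # storage limit stated in the guidelines above

@dataclass(frozen=True)
class Classifier:
    cid: int
    src_ip: str
    src_mask: str

    def matches(self, src):
        net = ipaddress.ip_network(f"{self.src_ip}/{self.src_mask}", strict=False)
        return ipaddress.ip_address(src) in net

@dataclass(frozen=True)
class Acl:
    acl_id: int
    action: str         # only "Deny" is modelled (assumption of this example)
    classifiers: tuple
    ports: tuple

def validate(acls):
    """Return violations of the ACL count limit and the one-classifier-per-port rule."""
    errors = []
    if len(acls) > MAX_ACLS:
        errors.append(f"{len(acls)} ACLs exceed the limit of {MAX_ACLS}")
    seen = {}  # (port, classifier ID) -> ID of the first ACL that used it
    for acl in acls:
        for port in acl.ports:
            for c in acl.classifiers:
                first = seen.setdefault((port, c.cid), acl.acl_id)
                if first != acl.acl_id:
                    errors.append(f"port {port}: classifier {c.cid} "
                                  f"used by ACL {first} and ACL {acl.acl_id}")
    return errors

def ingress_decision(acls, port, src):
    """Compare the packet against every ACL on the port; list order is irrelevant."""
    for acl in acls:
        if port in acl.ports and acl.action == "Deny":
            if any(c.matches(src) for c in acl.classifiers):
                return "discard"
    return "accept"  # no classifier on this port matched the packet

# Values taken from Figure 71
C22 = Classifier(22, "149.11.11.0", "255.255.255.0")
ACL4 = Acl(4, "Deny", (C22,), (4,))
```

Running `validate` on a planned configuration before entering it in the menus catches a classifier that would land on the same port through two different ACLs.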