Using access policies, Creating an access profile, Configuring an access profile – Allied Telesis AT-8550 User Manual

Using Access Policies

12-2

Using Access Policies

To use access policies:

1. Create an access profile.

2. Configure the access profile to be of type permit or deny.

3. Apply the access profile.

Creating an

Access Profile

The first thing to do when using access policies is create an access
profile. An access profile is a named list of IP addresses and
associated subnet masks.

You must give the access profile a unique name (in the same manner
as naming a protocol filter or Spanning Tree Domain). You must also
indicate the type of access list (IP address) to be used. To create an
access profile, use the following command:

create access-profile type

[ipaddress]

Configuring an

Access Profile

After the access profile is created, configure it by adding or deleting
IP addresses. To add or delete IP addresses to an access profile, use
the following command:

config access-profile [add |

delete] {ipaddress }

Then, configure the access list to be one of the following types:

❑ Permit

❑ Deny

The access list type determines whether the items in the list are to be
permitted access or denied access. To configure the type of access
profile, use the following command:

config access-profile mode

[permit | deny]

Applying Access

Profiles

Once the access profile is defined, apply it to one or more routing
protocols. When an access profile is applied to a protocol function
(for example, the export of RIP routes), this forms an access policy. A
profile can be used by multiple routing protocol functions , but a
protocol function can use only one access profile.