Table of Contents
Advertisement
Destination
Source Port
Destination Port
ICMP Type
ICMP Code
Protocol
Mark
Log
Description
16. Click the
OK
button to save all changes made to the
to the previous screen.
17. Select existing inbound or outbound
display a screen where Firewall rules can be created.
18. Select the
+ Add Row
button.
19. Select the added row to expand it into configurable parameters.
Select the destination IPv6 address or network group configuration used as a basis
matching criteria for this IPv6 ACL rule. Destination options include:
• Any – Indicates any host device in any IPv6 network.
• Network – Indicates all hosts in a particular IPv6 network. Subnet mask information
has to be provided for filtering based on network.
• Host – Indicates a single host with a specific IPv6 address.
If using either tcp or udp as the protocol, define whether the source port for incoming IPv6
ACL rule application is any, equals or an administrator defined range. If not using tcp or
udp, this setting displays as N/A. This is the data local origination virtual port designated
by the administrator. Selecting equals invokes a spinner control for setting a single
numeric port. Selecting range displays spinner controls for Low and High numeric range
settings. A source port cannot be a destination port.
If using either tcp or udp as the protocol, define whether the destination port for incoming
IPv6 ACL rule application is any, equals or an administrator defined range. If not using tcp
or udp, this setting displays as N/A. This is the data local origination virtual port
designated by the administrator. Selecting equals invokes a spinner control for setting a
single numeric port. Selecting range displays spinner controls for Low and High numeric
range settings.
Selecting ICMP as the protocol for the IPv6 rule displays an additional set of ICMP specific
options for ICMP type and code. The Internet Control Message Protocol (ICMP) uses
messages identified by numeric type. ICMP messages are used for packet flow control or
generated in IP error responses. ICMP errors are directed to the source IP address of the
originating packet. Assign an ICMP type from 1-10.
Selecting ICMP as the protocol for the IPv6 rule displays an additional set of ICMP specific
options for ICMP type and code. Many ICMP types have a corresponding code, helpful for
troubleshooting network issues (0 - Net Unreachable, 1- Host Unreachable, 2 - Protocol
Unreachable etc.).
Select the protocol to filter for this IPv6 ACL. Use the drop down to select from a list of
predefined protocol or use the spinner control to set a particular protocol number.
Select this option to mark certain fields inside a packet before allowing them. Mark is only
applicable for Allow rules. Mark sets the rule's 802.1p or dscp level (from 0 - 7)
Select this option to create a log entry that a firewall rule has allowed a packet to be
either denied or allowed.
Lists the administrator assigned description applied to the IPv6 ACL rule. Select a
description within the table to modify its character string as filtering changes warrant.
Select the icon within the Description table header to launch a Select Columns screen
used to add or remove IPv6 ACL criteria from the table.
IPv6 Firewall Rules
MAC Firewall Rules
using the drop-down menu. If no rules exist, select
dialog. Click
Exit
to close the dialog and return
6 - 33
Create
to
- Quick Links:
- Accessing the Web Ui
Hide quick links:
Advertisement
Table of Contents
