Example #2: Configure A One-Way Access Using A Tcp Flag In An Acl - NETGEAR 7000 Series Administration Manual

Netgear managed switch administration guide

NETGEAR 7000 Series Managed Switch Administration Guide Version 7.2
Create ACL 101. Define the first rule: the ACL will permit packets with a match
on the specified source IP address (after the mask has been applied), that are
carrying TCP traffic, and that are sent to the specified destination IP address.
(Netgear Switch) #config
(Netgear Switch) (Config)#access-list 101 permit tcp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
Define the second rule for ACL 101, setting similar conditions for UDP traffic
as for TCP traffic.
(Netgear Switch) (Config)#access-list 101 permit udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
Apply the rule to inbound traffic on port 1/0/2. Only traffic matching the
criteria will be accepted.
(Netgear Switch) (Config)#interface 1/0/2
(Netgear Switch) (Interface 1/0/2)#ip access-group 101 in
(Netgear Switch) (Interface 1/0/2)#exit
(Netgear Switch) (Config)#exit
Example #2: Configure a One-Way Access Using a TCP Flag in an ACL
This example shows how to set up one-way web access using a TCP flag in an ACL.
PC1 can access FTP server1 and FTP server2, but PC2 can access only FTP server2.
Figure 9-2
9-4
v1.0, May 2008
Access Control Lists (ACLs)