Cisco WAP581 Administration Manual page 95

Wireless-AC/N Dual Radio Access Point with 2.5GbE LAN

Access Control
Step 2
Click ✚ to add an ACL.
Step 3
In the ACL Name field, enter the name of the ACL.
Step 4
Choose IPv6 as the ACL type from the ACL Type list. IPv4 ACLs control access to network resources based on
Layer 3 and Layer 4 criteria.
Step 5
Click ✚ and select the associated interfaces to apply the ACL. Next, click OK. If you want to change the associated
interfaces, you can click ━ to delete the selected interface then click ✚ to choose new associated interfaces.
Step 6
Click More... to view the configuration parameters. Click ✚ to add a rule and configure the following:
Note: If no rules are added, the WAP denies all traffic by default.
• Rule Priority — When an ACL has multiple rules, the rules are applied to the packet or frame in order of priority.
A smaller number means a higher priority. The priority of the new rule will be the lowest of all explicit rules. You
can click the up or down button to change its priority. Note that there is always an implicit rule denying all traffic
with lowest priority.
• Action — Choose whether to Deny or Permit the action. The default action is Deny.
When you choose Permit, the rule allows all traffic that meets the rule criteria to enter the WAP device. Traffic that
does not meet the criteria is dropped.
When you choose Deny, the rule blocks all traffic that meets the rule criteria from entering the WAP device. Traffic
that does not meet the criteria is forwarded unless this rule is the final rule. Because there is an implicit deny all rule
at the end of every ACL, traffic that is not explicitly permitted is dropped.
• Service (Protocol) — Uses a Layer 3 or Layer 4 protocol match condition based on the value of the IP Protocol
field. You can choose one of these options:
  • All Traffic — Allows all traffic that meets the rule criteria.
  • Select From List — Choose one of these protocols: IPv6, ICMPv6, IGMP, TCP, or UDP.
  • Custom — Enter a standard IANA-assigned protocol ID from 0 to 255. Choose this method to identify a
  protocol not listed in the Select From List.
• Source IPv6 Address — Requires the packet's source IP address to match the address defined in the appropriate
fields.
  • Any — Allows for any IP address.
  • Single Address — Enter the IP address to apply this criteria.
  • Address/Mask — Enter the source IP address wild card mask. The wild card mask determines which bits are
  used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A
  wild card of 0.0.0.0 indicates that all bits are important.
  A wild card mask is basically the inverse of a subnet mask. For example, to match the criteria to a single host
  address, use a wild card mask of 0.0.0.0. To match the criteria to a 24-bit subnet (for example, 192.168.10.0/24),
  use a wild card mask of 0.0.0.255.
• Source Port — Includes a source port in the match condition for the rule. The source port is identified in the datagram
header.
  • Any — Allows for any source port.
  • Select From List — Choose the keyword associated with the source port to match: ftp, ftpdata, http, smtp,
  snmp, telnet, tftp, www. Each of these keywords translates into its equivalent port number.
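The rule evaluation described above (priority order, wild card mask matching, implicit deny), as an added example that is not part of the Cisco guide or the device firmware. It assumes the first matching rule decides the packet and uses dotted IPv4 wild card masks as in the guide's own example; `Rule`, `evaluate`, `wildcard_match` and the sample ACL are hypothetical names and constructed data.

```python
import ipaddress
from dataclasses import dataclass


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True when addr equals base on every bit the wild card mask marks important (0 bits)."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a ^ b) & ~w & 0xFFFFFFFF == 0


@dataclass
class Rule:
    priority: int                # smaller number = higher priority
    action: str                  # "permit" or "deny"
    protocol: str                # "any", "tcp", "udp", ...
    src: str                     # base address, or "any"
    wildcard: str = "0.0.0.0"    # all bits important: single host

    def matches(self, protocol: str, src: str) -> bool:
        if self.protocol not in ("any", protocol):
            return False
        return self.src == "any" or wildcard_match(src, self.src, self.wildcard)


def evaluate(rules, protocol: str, src: str):
    """Return (action, priority of the deciding rule); priority is None for the implicit deny."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(protocol, src):   # assumption: first match decides
            return rule.action, rule.priority
    return "deny", None                   # implicit deny-all at the end of every ACL


# Constructed sample ACL: block TCP from one host, permit the rest of its /24.
ACL = [
    Rule(2, "permit", "any", "192.168.10.0", "0.0.0.255"),
    Rule(1, "deny", "tcp", "192.168.10.50"),
]

# Same rules with priorities swapped: the broad permit now shadows the host deny.
SHADOWED = [
    Rule(1, "permit", "any", "192.168.10.0", "0.0.0.255"),
    Rule(2, "deny", "tcp", "192.168.10.50"),
]

if __name__ == "__main__":
    for src in ("192.168.10.50", "192.168.10.7", "192.168.11.7"):
        print(src, evaluate(ACL, "tcp", src), evaluate(SHADOWED, "tcp", src))
```

The `SHADOWED` list shows why rule order matters when reviewing an ACL: a narrow deny placed below a broader permit never takes effect.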
Cisco WAP581 Wireless-AC/N Dual Radio Access Point with 2.5GbE LAN Administration Guide
Configure IPv6 ACLs