Creating An Access List - Cisco GSS-4492R-K9 Administration Manual

Filtering GSS Traffic Using Access Lists

Creating an Access List

Cisco Global Site Selector Administration Guide
5-4
Table 5-1 GSS-Related Ports and Protocols for Inbound Traffic (continued)
Source Port Destination
(Remote Port
Device) (GSS)
3340 *
3341 *
3342 *
* 5001
5001 *
5002 *
*Any legal port number
You can use the access-list command in global configuration mode to create an
access list. You must have access to the CLI of each GSS device to create access
lists for that device.
The syntax for the access-list command is as follows:
access-list name {permit | deny} protocol [source-address source-netmask |
host source-address | any] operator port [port] [destination-port
operator port [port]]
The keywords and arguments are as follows:
name—Alphanumeric name used to identify the access list you are creating.
•
permit—Allows a connection when a packet matches the condition. All
•
provisions of the condition must be met to make a match.
deny —Prevents a connection when a packet matches the condition. All
•
provisions of the condition must be met to make a match.
Chapter 5 Configuring Access Lists and Filtering GSS Traffic
Protocol
TCP Sticky and Config Agent
communication
TCP Sticky communication source
TCP Sticky and DNS processes
communication
TCP Global sticky mesh protocol traffic
TCP Return traffic of global sticky mesh
protocol traffic
UDP Return traffic of KAL-AP
keepalives
Details
OL-10410-01