Cisco RVS4000 - Gigabit Security Router User Manual page 23

Chapter 5
Firewall > IP Based ACL
Priority
This is the rule's priority.
Enable This indicates whether the rule is enabled or
disabled.
Action. This is the rule's action, either Allow or Deny.
Service This is the service(s) to which the rule applies.
Source Interface This is the source interface, either WAN,
LAN, or ANY.
Source This is the source IP address, which can be one
specific IP address, ANY (all IP addresses), a range of IP
addresses, or a specific IP subnet.
Destination This is the destination IP address, which can
be one specific IP address, ANY (all IP addresses), a range
of IP addresses, or a specific IP subnet.
Time
The time of day when the rule is in effect, either Any
Time (24 hours) or a specific start and end time.
Day The day(s) of the week when the rule is in effect. This
may be Any Day or a user-specified set of days.
Edit button Click Edit at the end of a row to edit the
associated rule.
Delete button Click Delete at the end of a row to delete
the associated rule.
To add a new rule to the ACL rule table, click Add New
Rule and the Edit IP ACL Rule screen appears. Follow the
instructions in the section below to create a new ACL
rule. To disable all the rules without deleting them, click
Disable All Rules. To delete all the rules from the table,
click Delete All Rules.
4-Port Gigabit Security Router with VPN
Setting Up and Configuring the Router
Editing IP ACL Rules
Edit IP ACL Rule
Action Select the desired action, Allow or Deny, from
the drop-down menu.
Service Select the service types to which the rule will
apply. You can either select one of the predefined services
in the drop-down menu; select ALL to allow or deny all
types of IP traffic; or define a new service by clicking Service
Management to bring up the Service Management screen,
then the new service's Name, select the Type (TCP, UDP, or
TCP/UDP), enter the Start Port and Finish Port, then click
Save. The new service will then appear in the drop-down
menu on the Edit IP ACL Rule screen.
Log Select this option to log all traffic that is filtered by
this rule.
Log Prefix Enter a text string that will be prepended to
each matched event in the log.
Source Interface Select the source interface, WAN, LAN,
or ANY, from the drop-down menu.
Source IP To apply the rule to one source IP address,
select Single from the drop-down menu, then enter
the address in the field. To apply the rule to all source IP
addresses, select ANY from the drop-down menu. To
apply the rule to a range of IP addresses, select Range and
enter the starting and ending IP addresses. To apply the
rule to a subnet, select Net and enter the IP address and
subnet mask.
Destination IP
To apply the rule to one destination IP
address, select Single from the drop-down menu, then
enter the address in the field. To apply the rule to all
destination IP addresses, select ANY from the drop-down
menu. To apply the rule to a range of IP addresses, select
Range and enter the starting and ending IP addresses.
To apply the rule to a subnet, select Net and enter the IP
address and subnet mask.
Days To make the rule apply on a daily basis, select
Everyday. To make the rule apply on specific days of the
week only, select the desired days.
16