Extreme Networks EPICenter Reference Manual page 493
Hide thumbs
Also See for EPICenter:
- Software installation manual (546 pages) ,
- Manual (268 pages) ,
- Installation manual (42 pages)
Advertisement
Figure 256: Service selection for an IP policy
From this list you can select from the standard TCP, UDP, IP services, from Custom Applications,
or from specific named services (applications) that are known to the EPICenter policy server. In
the list shown in
Figure
with a protocol and L4 port. If you select an application, the policy server will determine the L4
port from its pre-configured value in the EPICenter database.
The settings "Deny TCP SYN packets" and "Deny TCP SYN packets Any" are the same as the
ExtremeWare settings called "TCP permit established." These settings specify that all new TCP
connections (as indicated by the presence of a Sync request) from the client endpoints to the
server will be denied (existing TCP sessions will continue). When you select either of the "Deny
TCP SYN packet" settings, the traffic direction is automatically set from client to server.
NOTE
When you select either of the Deny TCP SYN packets services, the QoS profiles for all devices in your policy
scope are automatically set to "blackhole" to accomplish the denial of new TCP traffic.
b To specify an L4 port or port range, enter a port number in the L4 Port Range field. Enter a
single port number, or a port range in the form
The L4 Port Range field appears only if you select a service that requires a port specification.
These selections are:
Specify TCP port range
■
Specify UDP port range
■
Deny TCP SYN packets
■
The other selections either indicate any port (TCP Any, UDP Any, IP Any, Deny any TCP SYN
packets) or translate directly to an L4 port.
c If you want to specify an L4 port for the client or user endpoints, click the Specify client L4 port
or the Specify user L4 port check box to display the client service selection fields. The drop-down
list of services is limited to the ability to specify TCP or UDP Any, or a TCP or UDP port range.
11 The last step is to define the access domain for a Security policy or scope for an IP policy—the
devices on which the access list rules should be implemented, along with the QoS profile that should
be associated with these rules.
EPICenter Reference Guide
256, Baan is an example of such a service, and has been preconfigured
<first_port>-<last_port>
Creating a New Policy
.
493
Advertisement
Related Manuals for Extreme Networks EPICenter
Related Products for Extreme Networks EPICenter
- Extreme Networks ExtremeWare XOS Command
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks Extreme Switching ERS 3550T
- Extreme Networks EN-SLX-9030-48S-4C-AC-R
- Extreme Networks EC4400004-E6
- Extreme Networks EC8200A01-E6GS
- Extreme Networks EC8400A02-E6GS
- Extreme Networks ExtremeAccess Series
- Extreme Networks ExtremeSwitching X450-G2-48p-GE4
- Extreme Networks ExtremeSwitching X450-G2-48p-10GE4
- Extreme Networks ExtremeSwitching X450-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-48p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-48t-10GE4
- Extreme Networks ExtremeSwitching X450-G2-48t-GE4