AddPac VoiceFinder AP2120 User Manual page 103

VoiceFinder AP2120 VoIP Gateway User's Guide Version 1.00
[Example] Extended Access-List Configuration and Usage
router (config)#
router (config)# access-list 31 deny tcp 140.1.1.0 0.0.0.255
145.1.1.0 0.0.0.255 eq ftp
to the host whose destination address is "145.1.1.0/24Bit" from
"140.1.1.0/24bit" of the source address through the ftp port.
router (config)# access-list 31 deny tcp 140.1.1.0 0.0.0.255
145.1.1.0 0.0.0.255 eq ftp-data
accessing to the host whose destination is "145.1.1.0/24Bit" from
"140.1.1.0/24bit" of the source address through the ftp-data port.
router (config)# access-list 31 permit tcp 140.1.1.0
0.0.0.255 145.1.1.0 0.0.0.255 eq ftp establish
packets whose sessions are set already among the TCP packets
accessing to the host whose destination is "145.1.1.0/24Bit" from
"140.1.1.0/24bit" of the source address through the ftp port.
router (config)# access-list 31 permit ip any any
all IP packets except those matching conditions above.
router (config)# interface Ethernet 0 0
configuration mode of the interface Ethernet 0.0
router(config-ether0.0)# ip
mode.
router (config-ether0.0)# ip access-group 31 in
the Access-List 31 that has been set for all IP packets incoming
through the Ethernet 0.0 interface.
router (config-ether0.0)# end
router # show access-list 31
has been set.
AddPac Technology Co., Ltd.
☞ In this mode, Access-list Config is possible.
Extended Access List (Index = 31)
1 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255
2 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255 eq
ftp-data
3 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255 eq ftp
established
☞ Denies all TCP packets accessing
☞ Denies all TCP packets
☞ Enters into the
☞ Enters into ip configuration
☞ Shows the Access-List 31 that
☞ Permits only
☞ Permits
☞ Applies
103
- -