Configuring An Acl To Support Renaming; Acl Configuration Example - Zte ZXR10 5900 Series User Manual

All gigabit-port intelligent routing switch

Hide thumbs Also See for ZXR10 5900 Series:

User manual (133 pages)

Hardware manual (53 pages)

Product description (77 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

page of 208

/ 208
Contents
Table of Contents
Bookmarks

Table of Contents

ZXR10 5900/5200 Series User Manual (Basic Configuration Volume)

Step Command

ZXR10(config)#

>|name <acl-name>}

ZXR10(config-std-acl)#

}{<source>[<source-wildcard>]|any}[time-range

<timerange-name>]

ZXR10(config-std-acl)#

<1-100><rule-description>

Confidential and Proprietary Information of ZTE CORPORATION

Configuring an ACL to Support

Renaming

To configure a name for ACL rule, use the following commands.

acl standard {number <acl-number

rule <1-100>{permit|deny

rule-description

Example: Define a standard ACL, permitting packets from net-

work segment 192.168.1.0/24 to pass through and denying pack-

ets whose source IP addresses are 192.168.1.100. Rule 1 and rule

2 can be configured different name.

ZXR10(config)#acl standard number 10

ZXR10(config-std-acl)#rule 1 deny 192.168.1.100 0.0.0.0

ZXR10(config-std-acl)#rule-description

ZXR10(config-std-acl)#rule 2 permit 192.168.1.0 0.0.0.255

ZXR10(config-std-acl)#rule-description

Note:

Currently only IPv4 standard ACL, IPv4 extended ACL, IPv4 hybrid

ACL and IPv4 layer 2 ACL support ACL renaming function.

ACL Configuration Example

A company has an Ethernet switch, to which users of both de-

partment A and department B and servers are connected. This is

shown in

Figure

18. The relevant provisions as follows:

1. Users of both department A and department B are forbidden

to access the FTP server and the VOD server in work time

(9:00–17:00), but can access the Mail server at any time.

2. Internal users can access the Internet through proxy

192.168.3.100, but users of department A are forbidden to

access the Internet in work time.

3. General Managers of both department A and department B

(with their IP addresses as 192.168.1.100 and 192.168.2.100

respectively) may access the Internet and all servers at any

time.

The IP addresses of the servers are as follows:

Function

This enters ACL configuration

mode.

This configures the rules of

ACL.

This configures name for a

rule.

1 test1

2 test2

Table of Contents

Show Quick Links

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

Zxr10 5200 series Zxr10 5924 Zxr10 5928 Zxr10 5928–fi Zxr10 5952 Zxr10 5224 ... Show all

Configuring An Acl To Support Renaming; Acl Configuration Example - Zte ZXR10 5900 Series User Manual

ACL Configuration Example

Hide quick links:

Chapters

Related Manuals for Zte ZXR10 5900 Series

Related Content for Zte ZXR10 5900 Series

This manual is also suitable for:

Table of Contents