Case 2: Deny specific Source IP Address – Class C
Purpose:
Verify a positive and negative matches to network IP address with a Class C (24 bit mask) , no matter the rule
defined as permit or deny.
1.
Set Hosts within the same Class C Network domain, as the targets at this case.
2.
Once the deny policy be applied, all IP packets from the targets' IP Addresses will be dropped.
3.
No matter IP packets form the targets be transmitted to Internet or Intranet within the same IP segment, they
will be dropped.
Case Design:
Action
Match
Source IP Address
Destination IP Address
Device Connection and Configuration:
Target
Class C
ACL Policy Configuration:
DENY
IP
Class C
192.168.1.0 / 255.255.255.0
ANY
ID
Source Address
2
192.168.1.0 / 255.255.255.0
Stream
Destination Address
Any
Protocol
Any
- 80 -