2 ip based acl configure sample – Planet Technology WGSD-8000 User Manual


User’s Manual of WGSD-1022/WGSD-8000


Fin, indicates request to close a session.

Source Port

Defines the TCP/UDP source port to which the ACE is matched. This field is active
only if 800/6-TCP or 800/17-UDP is selected in the Select from List drop-down
menu.

The possible field range is 0 - 65535.

Destination Port

Defines the TCP/UDP destination port. This field is active only if 800/6-TCP or
800/17-UDP is selected in the Select from List drop-down menu.

The possible field range is 0 - 65535.

Source IP Address

Matches the source port IP address to which packets are addressed to the ACE.

Wildcard Mask

Defines the source IP address wildcard mask. Wildcard masks specify which bits
are used and which bits are ignored.

A wildcard mask of 255.255.255.255 indicates that no bit is important.

A wildcard mask of 0.0.0.0 indicates that all the bits are important.

For example, if the source IP address is 149.36.184.198 and the wildcard mask is
255.36.184.00, the first eight bits of the IP address are ignored, while the last eight
bits are used.

Destination IP Address

Matches the destination port IP address to which packets are addressed to the ACE.

Wildcard Mask

Defines the destination IP address wildcard mask.

Match DSCP

Matches the packet DSCP value to the ACE. Either the DSCP value or the IP
Precedence value is used to match packets to ACLs.

The possible field range is 0-63.

Match IP Precedence

Matches the packet IP Precedence value to the ACE. Either the DSCP value or the
IP Precedence value is used to match packets to ACLs.

The possible field range is 0-7.

Use the Add to List button when you add the configured IP Based ACLs to the IP Based ACL Table at the bottom of the screen.
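The wildcard-mask matching described under Wildcard Mask, as an added example (not code from the manual or the switch firmware): it evaluates the manual's own 149.36.184.198 / 255.36.184.00 pair and a constructed 24-bit rule on 192.0.2.0 against constructed packet addresses. The function names and the 192.0.2.0 network are assumptions chosen for illustration.

```python
def to_int(dotted):
    """Dotted quad -> 32-bit int; lenient on leading zeros (the manual writes '00')."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted quad: %r" % dotted)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def wildcard_match(packet_ip, rule_ip, wildcard):
    """True if packet_ip equals rule_ip on every bit the wildcard leaves at 0."""
    compared = ~to_int(wildcard) & 0xFFFFFFFF  # 0 in the wildcard = bit is compared
    return (to_int(packet_ip) & compared) == (to_int(rule_ip) & compared)


def match_count(wildcard):
    """Number of addresses one rule covers: 2 ** (count of ignored bits)."""
    return 2 ** bin(to_int(wildcard)).count("1")


def prefix_length(wildcard):
    """Prefix length if the wildcard is a contiguous inverse netmask, else None."""
    w = to_int(wildcard)
    return 32 - w.bit_length() if w & (w + 1) == 0 else None


if __name__ == "__main__":
    # The manual's example pair, then a constructed 24-bit rule
    # (192.0.2.0 is an assumed address from a documentation range).
    rules = [("149.36.184.198", "255.36.184.00"), ("192.0.2.0", "0.0.0.255")]
    # Constructed packet source addresses.
    packets = ["10.36.184.198", "200.0.0.198", "149.36.184.199",
               "192.0.2.77", "192.0.3.77"]
    for rule_ip, wc in rules:
        print(rule_ip, wc, "prefix:", prefix_length(wc), "covers:", match_count(wc))
        for pkt in packets:
            verdict = "match" if wildcard_match(pkt, rule_ip, wc) else "no match"
            print("   ", pkt, verdict)
```

In the manual's example the middle octets of the mask (36 and 184) also ignore some bits, so the rule covers addresses whose second and third octets differ from 149.36.184.198. Checking the covered-address count before binding an ACL to an interface shows how broad a non-contiguous mask really is.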

4.6.2 IP Based ACL Configure Sample

This section shows how to build an IP Based ACL and apply it to a specific interface.

Sample Case: Deny IP packets to specific Class C network

Purpose:

Verify positive and negative matches against a network IP address with a Class C (24-bit) mask, regardless of whether the rule is defined as permit or deny.