2 example 2, 1 configure the black box lr1104a, 3 example 3 – Black Box LR1102A-T1/E1 User Manual

Black Box LR11xx Series Router Configurations Guide

22

Blackbox/configure/ip> apply_filter ether0 filtera in

Blackbox/configure/ip> apply_filter WAN1 filtera in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local

3.1.2 Example 2

Consider the same network addressing as in example 1. The network administrator has a slightly different
requirement - he wishes to permit FTP sessions from all networks to the internal FTP server (222.199.19.12), deny
FTP sessions to all other addresses, and permit all other traffic to flow through the Black Box unit.

3.1.2.1 Configure the Black Box LR1104A
Blackbox> configure terminal

Blackbox/configure> ip

Blackbox/configure/ip> filter_list filterb (gives the list a name)

Blackbox/configure/ip/filter_list> add permit tcp any 222.199.19.12 dport =21

Blackbox/configure/ip/filter_list> add deny tcp any 222.199.19.0 dport =21

Blackbox/configure/ip/filter_list> add permit ip any any

Blackbox/configure/ip/filter_list> exit

Blackbox/configure/ip> apply_filter WAN1 filterb in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local

3.1.3 Example 3

Example 3 focuses on a filter list where the network administrator is specifically denying all traffic from a specific
external network (197.100.200.0/24) access through the Black Box unit.

3.1.3.1 Configure the Black Box LR1104A
Blackbox> configure terminal

Blackbox/configure> ip

Blackbox/configure/ip> filter_list filterc (gives the list a name)

Blackbox/configure/ip/filter_list> add deny ip 197.100.200.0/24 any

Blackbox/configure/ip/filter_list> add permit ip any any

Blackbox/configure/ip/filter_list> exit

Blackbox/configure/ip> apply_filter WAN1 filterc in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local