Amer Networks SS2R48G4i V2 User Manual

Page 141

Advertising
background image

SS2R24G4i/SS2R48G4i

130

(1) Create the name of the time range

(2) Configure periodic time range

(3) Configure absolute time range

4. Bind access-list to a specific direction of the specified port.


1.Configuring access-list

(1)

Configuring a numbered standard IP access-list

Command Explanation
Global Mode

access-list <num> {deny | permit}

{{<sIpAddr> <sMask>} | any-source

| {host-source <sIpAddr>}}

no access-list <num>

Creates a numbered standard IP access-list,
if the access-list already exists, then a rule
will add to the current access-list; the “no
access-list <num>“ command deletes a
numbered standard IP access-list.

(2)

Configuring a numbered extensive IP access-list

Command Explanation
Global Mode

access-list <num> {deny | permit} icmp

{{<sIpAddr>

<sMask>} | any-source |

{host-source <sIpAddr>}} {{<dIpAddr> <dMask>}

| any-destination | {host-destination <dIpAddr>}}

[<icmp-type> [<icmp-code>]] [precedence <prec>]

[tos <tos>][time-range<time-range-name>]

Creates a numbered ICMP
extended IP access rule; if the
numbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.

access-list <num> {deny | permit} igmp

{{<sIpAddr>

<sMask>} | any-source |

{host-source <sIpAddr>}} {{<dIpAddr> <dMask>}

| any-destination | {host-destination <dIpAddr>}}

[<igmp-type>] [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

Creates a numbered IGMP
extended IP access rule; if the
numbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.

access-list

<num> {deny | permit} tcp

{{<sIpAddr>

<sMask>} | any-source |

{host-source

<sIpAddr>}} [s-port <sPort>]

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>]

[ack+fin+psh+rst+urg+syn] [precedence <prec>]

[tos <tos>][time-range<time-range-name>]

Creates a numbered TCP
extended IP access rule; if the
numbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.

access-list <num> {deny | permit} udp

{{<sIpAddr>

<sMask>} | any-source |

{host-source

<sIpAddr>}} [s-port <sPort>]

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>]

[precedence

<prec>] [tos

<tos>][time-range<time-range-name>]

Creates a numbered UDP
extended IP access rule; if the
numbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.

Advertising
Popular Brands
Popular manuals