Enterasys csx200 Betriebsanweisung
CSX200 Configuration with QuickSET
CSX200 Family User’s Guide
67
The following definitions explain the fields in the Firewall configuration window.
ACL (Access Control List) —
The Access Control List number is a number assigned to a
specific list of sequence numbers.
Sequence —
A number assigned to individual access filters in an access list. As only one IP
Access Control List can be applied to each port, a single list often includes several access control
filters. Each filter permits or denies access to or from a certain host, subnet, or network. When an
access control list contains multiple filters, the filters are referenced in order of their sequence
numbers.
filters. Each filter permits or denies access to or from a certain host, subnet, or network. When an
access control list contains multiple filters, the filters are referenced in order of their sequence
numbers.
Source IP —
The Source IP field displays the IP address of the source device accorded the
permissions set in the permissions field. To set permissions for a source device, place the cursor in
the Source IP field and type the IP address of the source that you wish to set permissions.
the Source IP field and type the IP address of the source that you wish to set permissions.
Source Mask —
Displays the mask for the Source IP address specified in the Source IP field. To
set the mask for the specified source IP address, place the cursor in the Source Mask field and type
the mask.
the mask.
The default Mask for both the source and destination addresses is 0.0.0.0, which masks the entire
address, causing all addresses to match the filter. In other words, the default access control list
allows all traffic to pass. Entering a mask of 255.255.255.255 causes only packets matching the
exact address you have entered to match the filter.
address, causing all addresses to match the filter. In other words, the default access control list
allows all traffic to pass. Entering a mask of 255.255.255.255 causes only packets matching the
exact address you have entered to match the filter.
For a Class C address, entering a mask of 255.255.255.0 causes packets with the same Class C
subnet as the IP address to match, thereby causing the access control filter to apply to all hosts on
this particular subnet.
subnet as the IP address to match, thereby causing the access control filter to apply to all hosts on
this particular subnet.
Dest IP —
The Dest IP field displays the IP address of the destination device accorded the
permissions set in the permissions field. To set permissions for a certain destination device, place
the cursor in the Dest IP field and type the IP address of the destination for which you wish to set
permissions.
the cursor in the Dest IP field and type the IP address of the destination for which you wish to set
permissions.
Dest Mask —
Displays the mask for the Destination IP address specified in the Dest IP field. To
set the mask for the specified destination IP address, place the cursor in the Dest Mask field and
type the mask.
type the mask.
NOTE
The Add Firewall button clears the fields in the Firewall configuration window,
allowing you to type in the fields as necessary. The Apply Changes button adds the
newly entered filter to the Access Control List.
allowing you to type in the fields as necessary. The Apply Changes button adds the
newly entered filter to the Access Control List.