3com 3CRWX120695A WXR100 User Manual
222
C
HAPTER
6: C
ONFIGURING
WX S
YSTEM
P
ARAMETERS
To configure an ACL
1 Access the Create ACL wizard:
a Select the Configuration tool bar option.
b In the Organizer panel, click the plus sign next to the WX switch.
c Click the plus sign next to System.
d Select ACLs.
e In the Task List panel, select ACL.
2 In the ACL Name box, type the name for the ACL (1 to 32 alphanumeric
characters, with no spaces or tabs). The name can include hyphens (-),
underscores (_), or periods (.). ACL names are case-sensitive and must
begin with a letter. Do not include any of the following terms in the
name: all, default-action, map, help, editbuffer.
underscores (_), or periods (.). ACL names are case-sensitive and must
begin with a letter. Do not include any of the following terms in the
name: all, default-action, map, help, editbuffer.
3 Click Add Rule. A new ACE (ACL rule) appears above the implicit deny all
rule that is at the end of every ACL.
Each ACL has a rule at the end that denies all source and destination IP
addresses. This rule provides security be ensuring that the only traffic
permitted by an ACL is the traffic you want to permit. This rule is
automatically added to the end of each ACL and cannot be edited or
removed.
addresses. This rule provides security be ensuring that the only traffic
permitted by an ACL is the traffic you want to permit. This rule is
automatically added to the end of each ACL and cannot be edited or
removed.
After you add an ACE to the table, each subsequent ACE appears above
the implicit deny all ACE at the bottom of the list, but beneath all the
other ACEs you have configured.
the implicit deny all ACE at the bottom of the list, but beneath all the
other ACEs you have configured.
The switch uses the ACEs in the order they appear in the list, beginning at
the top. Because the action in the first ACE that matches a packet is used,
the order the ACEs appear in is important. (You can reorder them. See
step 13.)
the top. Because the action in the first ACE that matches a packet is used,
the order the ACEs appear in is important. (You can reorder them. See
step 13.)
4 Specify the source IP address by clicking in the Source IP column and
editing the value. To match on all source IP addresses, leave the value
0.0.0.0/0.
0.0.0.0/0.
5 Specify the destination IP address by clicking in the Source IP column and
editing the value. To match on all destination IP addresses, leave the
value 0.0.0.0/0.
value 0.0.0.0/0.
6 To specify the protocol:
a Click on the down arrow in the Protocol column.