Cisco Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch Manual De Mantenimiento
ACL
ACL Rule
Cisco WAP131 and WAP351 Administration Guide
137
8
•
ACL Name - ACL Type—Choose the ACL to configure with the new rule.
•
Rule—Choose New Rule to configure a new rule for the selected ACL. When
an ACL has multiple rules, the rules are applied to the packet or frame in the
order in which you add them to the ACL. There is an implicit deny all rule as
the final rule.
an ACL has multiple rules, the rules are applied to the packet or frame in the
order in which you add them to the ACL. There is an implicit deny all rule as
the final rule.
•
Action—Choose whether the ACL rule permits or denies an action.
When you choose Permit, the rule allows all traffic that meets the rule
criteria to enter the WAP device. Traffic that does not meet the criteria is
dropped.
criteria to enter the WAP device. Traffic that does not meet the criteria is
dropped.
When you choose Deny
,
the rule blocks all traffic that meets the rule criteria
from entering the WAP device. Traffic that does not meet the criteria is
forwarded unless this rule is the final rule. Because there is an implicit deny
all rule at the end of every ACL, traffic that is not explicitly permitted is
dropped.
forwarded unless this rule is the final rule. Because there is an implicit deny
all rule at the end of every ACL, traffic that is not explicitly permitted is
dropped.
•
Match Every Packet—If enabled, the rule, which either has a permit or deny
action, matches the frame or packet regardless of its contents. If you enable
this feature, you cannot configure any additional match criteria. This option is
selected by default for a new rule. You must disable the option to configure
other match fields.
action, matches the frame or packet regardless of its contents. If you enable
this feature, you cannot configure any additional match criteria. This option is
selected by default for a new rule. You must disable the option to configure
other match fields.
•
Protocol—Uses a Layer 3 or Layer 4 protocol match condition based on the
value of the IP Protocol field in IPv4 packets or the Next Header field in IPv6
packets. You can choose one of these options or choose Any:
value of the IP Protocol field in IPv4 packets or the Next Header field in IPv6
packets. You can choose one of these options or choose Any:
-
Select From List—Choose one of these protocols: IP, ICMP, IGMP, TCP, or
UDP.
UDP.
-
Match to Value—Enter a standard IANA-assigned protocol ID from 0 to
255. Choose this method to identify a protocol not listed by name in the
Select From List.
255. Choose this method to identify a protocol not listed by name in the
Select From List.
•
Source IP—Requires the packet's source IP address to match the address
defined in the appropriate fields.
defined in the appropriate fields.
-
Source IP Address—Enter the IP address to apply this criteria.
-
Wild Card Mask—Enter the source IP address wildcard mask. The
wildcard mask determines which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This
field is required when Source IP Address is checked.
wildcard mask determines which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This
field is required when Source IP Address is checked.