3com WX1200 3CRWX120695A Manuel D’Utilisation
30
C
HAPTER
1: U
SING
THE
C
OMMAND
-L
INE
I
NTERFACE
IP Address and Mask
Notation
MSS displays IP addresses in dotted decimal notation — for example,
192.168.1.111. MSS makes use of both subnet masks and wildcard
masks.
192.168.1.111. MSS makes use of both subnet masks and wildcard
masks.
Subnet Masks
Unless otherwise noted, use classless interdomain routing (CIDR) format
to express subnet masks — for example, 192.168.1.112/24. You indicate
the subnet mask with a forward slash (/) and specify the number of bits in
the mask.
to express subnet masks — for example, 192.168.1.112/24. You indicate
the subnet mask with a forward slash (/) and specify the number of bits in
the mask.
Wildcard Masks
Security access control lists (ACLs) use source and destination IP addresses and
wildcard masks to determine whether the wireless LAN switch filters or
forwards IP packets. Matching packets are either permitted or denied network
access. The ACL checks the bits in IP addresses that correspond to any 0s
(zeros) in the mask, but does not check the bits that correspond to 1s (ones) in
the mask. You specify the wildcard mask in dotted decimal notation.
wildcard masks to determine whether the wireless LAN switch filters or
forwards IP packets. Matching packets are either permitted or denied network
access. The ACL checks the bits in IP addresses that correspond to any 0s
(zeros) in the mask, but does not check the bits that correspond to 1s (ones) in
the mask. You specify the wildcard mask in dotted decimal notation.
For example, the address 10.0.0.0 and mask 0.255.255.255 match all IP
addresses that begin with 10 in the first octet.
addresses that begin with 10 in the first octet.
The ACL mask must be a contiguous set of zeroes starting from the first
bit. For example, 0.255.255.255, 0.0.255.255, and 0.0.0.255 are valid
ACL masks. However, 0.255.0.255 is not a valid ACL mask.
bit. For example, 0.255.255.255, 0.0.255.255, and 0.0.0.255 are valid
ACL masks. However, 0.255.0.255 is not a valid ACL mask.
User Globs, MAC
Address Globs, and
VLAN Globs
Name “globbing” is a way of using a wildcard pattern to expand a single
element into a list of elements that match the pattern. MSS accepts user
globs, MAC address globs, and VLAN globs. The order in which globs
appear in the configuration is important, because once a glob is matched,
processing stops on the list of globs.
element into a list of elements that match the pattern. MSS accepts user
globs, MAC address globs, and VLAN globs. The order in which globs
appear in the configuration is important, because once a glob is matched,
processing stops on the list of globs.
User Globs
A user glob is shorthand method for matching an authentication,
authorization, and accounting (AAA) command to either a single user or
a set of users.
authorization, and accounting (AAA) command to either a single user or
a set of users.
A user glob can be up to 80 characters long and cannot contain spaces or
tabs. The double-asterisk (**) wildcard characters with no delimiter
characters match all usernames. The single-asterisk (*) wildcard character
matches any number of characters up to, but not including, a delimiter
character in the glob. Valid user glob delimiter characters are the at (@)
sign and the period (.).
tabs. The double-asterisk (**) wildcard characters with no delimiter
characters match all usernames. The single-asterisk (*) wildcard character
matches any number of characters up to, but not including, a delimiter
character in the glob. Valid user glob delimiter characters are the at (@)
sign and the period (.).