Blade ICE G8124 Manuale Utente
BLADEOS 6.5.2 Application Guide
BMD00220, October 2010
Chapter 5: Access Control Lists
81
ACL Configuration Examples
ACL Example 1
Use this configuration to block traffic to a specific host. All traffic that ingresses on port 1 is denied
if it is destined for the host at IP address 100.10.1.1
if it is destined for the host at IP address 100.10.1.1
1.
Configure an Access Control List.
2.
Add ACL 1 to port EXT1.
ACL Example 2
Use this configuration to block traffic from a network destined for a specific host address. All traffic
that ingresses in port 2 with source IP from class 100.10.1.0/24 and destination IP 200.20.2.2 is
denied.
that ingresses in port 2 with source IP from class 100.10.1.0/24 and destination IP 200.20.2.2 is
denied.
1.
Configure an Access Control List.
2.
Add ACL 2 to port EXT2.
RS G8124(config)# access-control list 1 ipv4 destination-ip-address
100.10.1.1
RS G8124(config)# access-control list 1 action deny
RS G8124(config)# interface port 1
RS G8124(config-if)# access-control list 1
RS G8124(config-if)# exit
RS G8124(config)# access-control list 2 ipv4 source-ip-address
100.10.1.0 255.255.255.0
RS G8124(config)# access-control list 2 ipv4 destination-ip-address
200.20.2.2 255.255.255.255
RS G8124(config)# access-control list 1 action deny
RS G8124(config)# interface port 2
RS G8124(config-if)# access-control list 2
RS G8124(config-if)# exit