User's Guide for Avaya X330WAN

Chapter 4
Operational Concepts and Configuration Examples
Controlling Network Access to the X330WAN
X330WAN enables you to control access to its router interfaces using the “single 
point of presence” characteristics of the Layer 2 Loopback interface. This is an 
alternative to configuring Access Control rules separately on each router interface. 
By activating Access Control rules on a Loopback interface, you can control all 
traffic entering and leaving the X330WAN’s CPU. Different Access Lists can be 
configured on the “Loopback in” and “Loopback out” interfaces.
Note:  
A Policy list activated on a Loopback interface applies only to packets 
destined to the router interface, and not to packets routed by the CPU.
For example: An Access Control rule denying Telnet sessions, placed on the 
Loopback interface, prevents Telnet access to the CPU, thus preventing any 
configuration changes to the module. This rule does not prevent Telnet sessions 
between any two users connected to the X330WAN interfaces.
Perform the following to activate such a Policy list on the Loopback interface using 
the CLI:
1  Create an Access Control List by entering:
       ip access-list 101 1 deny tcp any any eq 23
   Where 101 is the Access list number, 1 is the number of the Rule in the list, Deny 
   is the action, and 23 is the TCP Telnet port number.
2  Type
       interface Loopback 1
   to enter the Loopback1 interface.
3  Use the
       ip access-group 101 in
   command to activate the new Access Control list created in step 1 on the ingress 
   direction of the Loopback1 interface.
Note:  
In order to apply an Access Control List to the router interfaces, the Policy 
should be applied on the Loopback1 interface (interface loopback1). If additional 
Loopback interfaces have been created, applying a Policy on them does not take 
effect. No CLI message informs you of this during the configuration.
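Because the CLI gives no warning when a Policy list is bound to the wrong Loopback interface, the condition in the note above has to be caught by reviewing the configuration. The Python script below is an added example, not part of the Avaya guide: it scans a configuration text for access-group bindings on Loopback interfaces and reports which ones are effective (Loopback1) and which are silently ignored. The configuration layout (an interface line followed by its commands), the function name audit and the sample text are assumptions constructed for illustration; only the three commands themselves come from the page.

```python
import re

# Constructed sample configuration (assumed layout, not device output).
SAMPLE_CONFIG = """\
ip access-list 101 1 deny tcp any any eq 23
interface Loopback 1
ip access-group 101 in
interface loopback2
ip access-group 102 in
"""

IFACE = re.compile(r"^interface\s+(.+)$", re.I)
RULE = re.compile(r"^ip\s+access-list\s+(\d+)\s+(\d+)\s+(.+)$", re.I)
GROUP = re.compile(r"^ip\s+access-group\s+(\d+)\s+(in|out)$", re.I)


def audit(config):
    """Return (active, ignored, telnet_denied) for CPU-bound Policy lists."""
    rules = {}    # list number -> rule bodies, e.g. "deny tcp any any eq 23"
    active = {}   # direction -> list number bound on Loopback1
    ignored = []  # (interface, list number, direction) on other Loopbacks
    current = None
    for raw in config.splitlines():
        line = " ".join(raw.split())  # collapse repeated whitespace
        if m := IFACE.match(line):
            # "Loopback 1" and "loopback1" normalise to the same name
            current = m.group(1).replace(" ", "").lower()
        elif m := RULE.match(line):
            rules.setdefault(m.group(1), []).append(m.group(3).lower())
        elif (m := GROUP.match(line)) and current and current.startswith("loopback"):
            number, direction = m.group(1), m.group(2).lower()
            if current == "loopback1":
                active[direction] = number
            else:
                ignored.append((current, number, direction))
    # Telnet to the CPU is blocked only if the page's deny rule is in the
    # list bound on the ingress direction of Loopback1.
    inbound_rules = rules.get(active.get("in"), [])
    telnet_denied = "deny tcp any any eq 23" in inbound_rules
    return active, ignored, telnet_denied


if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

The Telnet check matches only the exact rule text used in step 1; a list that blocks Telnet with a differently written rule would need its own comparison.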
show ip composite-op           Displays a composite operation of a Policy list.
show ip active-access-groups   Displays the active Policy list for each context/direction.