Patton electronic SmartNode 4110 Series IP Phone User Manual

Open as PDF

of 664

Access control list configuration task list 256

SmartWare Software Configuration Guide 24 • Access control list configuration

• All access control lists have an implicit deny ip any any at the end. A packet that does not match the criteria

of the ﬁrst statement is subjected to the criteria of the second statement and so on until the end of the access

control list is reached, at which point the packet is dropped.

• Filter types include IP, Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP),

User Datagram Protocol (UDP), and Stream Control Transmission Protocol (SCTP).

• An empty access control list is treated as an implicit deny ip any any list.

Note Two or more administrators should not simultaneously edit the conﬁgura-

tion ﬁle. This is especially the case with access lists. Doing this can have

unpredictable results.

Once in access control list conﬁguration mode, each command creates a statement in the access control list.

When the access control list is applied, the action performed by each statement is one of the following:

• permit statement causes any packet matching the criteria to be accepted.

• deny statement causes any packet matching the criteria to be dropped.

To delete an entire access control list, enter conﬁguration mode and use the no form of the proﬁle acl com-

mand, naming the access list to be deleted, e.g. no proﬁle acl name. To unbind an access list from the interface

to which it was applied, enter the IP interface mode and use the

no form of the access control list command.

Access control list conﬁguration task list

To conﬁgure an IP access control list, perform the tasks in the following sections.

• Mapping out the goals of the access control list

• Creating an access control list proﬁle and enter conﬁguration mode (see page 257)

• Adding a ﬁlter rule to the current access control list proﬁle (see page 257)

• Adding an ICMP ﬁlter rule to the current access control list proﬁle (see page 259)

• Adding a TCP, UDP or SCTP ﬁlter rule to the current access control list proﬁle (see page 261)

• Binding and unbinding an access control list proﬁle to an IP interface (see page 263)

• Displaying an access control list proﬁle (see page 264)

• Debugging an access control list proﬁle (see page 264)

Mapping out the goals of the access control list

To create an access control list you must:

• Specify the protocol to be ﬁltered

• Assign a unique name to the access list

• Deﬁne packet-ﬁltering criteria

A single access control list can have multiple ﬁltering criteria statements.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Patton electronic SmartNode 4110 Series IP Phone User Manual