CLI (Command Line Interface)

 

 

IP ACL Commands (Cont.)

 

 

 

Command

Function

 

 

permit, deny

Syntax:

(Standard ACL)

[no] {permit deny} {any source bitmask host source}

This command adds a rule to a

• any – Any source IP address.

• source – Source IP address.

Standard IP ACL. The rule sets a

filter condition for packets

• bitmask – Decimal number representing the address bits to match.

emanating from the specified

• host – Keyword followed by a specific IP address.

source.

Default Setting: None

Use the no form to remove a rule.

Command Mode: Standard ACL

 

Command Usage: New rules are appended to the end of the list.

 

Address bitmasks are similar to a subnet mask, containing four integers

 

from 0 to 255, each separated by a period. The binary mask uses 1 bits to

 

indicate “match” and 0 bits to indicate “ignore.” The bitmask is bitwise

 

ANDed with the specified source IP address, and then compared with the

 

address for each IP packet entering the port(s) to which this ACL has been

 

assigned.

 

Example: This example configures one permit rule for the specific address

 

10.1.1.21 and another rule for the address range 168.92.16.x –

 

168.92.31.x using a bitmask:

 

Console(config-std-acl)#permit host 10.1.1.21

 

Console(config-std-acl)#permit 168.92.16.0 255.255.240.0

 

Console(config-std-acl)#

 

 

permit, deny

Syntax:

(Extended ACL)

[no] {permit deny} [protocol-number udp]

This command adds a rule to an

{any source address-bitmask host source}

{any destination address-bitmask host destination}

Extended IP ACL. The rule sets a

[precedence precedence] [tos tos] [dscp dscp]

filter condition for packets with

[source-port sport [end]] [destination-port dport [end]]

specific source or destination IP

[no] {permit deny} tcp

{any source address-bitmask host source}

addresses, protocol types, source

{any destination address-bitmask host destination}

or destination protocol ports, or

[precedence precedence] [tos tos] [dscp dscp]

TCP control codes.

[source-port sport [end]] [destination-port dport [end]]

Use the no form to remove a rule.

[control-flag control-flags flag-bitmask]

protocol-number – A specific protocol number. (Range: 0-255)

 

• source – Source IP address.

 

• destination – Destination IP address.

 

address-bitmask – Decimal number representing the address bits to

 

match.

 

• host – Keyword followed by a specific IP address.

 

• precedence – IP precedence level. (Range: 0-7)

 

• tos – Type of Service level. (Range: 0-15)

 

• dscp – DSCP priority level. (Range: 0-63)

 

• sport – Protocol (TCP, UDP or other protocol types) source port number.

 

(Range: 0-65535)

 

• dport – Protocol ((TCP, UDP or other protocol types)) destination port

 

number. (Range: 0-65535)

 

• end – Upper bound of the protocol port range. (Range: 0-65535)

 

control-flags – Decimal number (representing a bit string) that specifies

 

flag bits in byte 14 of the TCP header. (Range: 0-63)

 

flag-bitmask – Decimal number representing the code bits to match.

 

(Range: 0-63)

 

Default Setting: None

 

Command Mode: Extended ACL

 

 

NXA-ENET24 - Software Management Guide

211

 

 

Page 230 Page 232
Page 231
Image 231
AMX NXA-ENET24 manual Command Function Permit, deny Syntax Standard ACL, Permit, deny Syntax Extended ACL
Page 230 Page 232

NXA-ENET24 specifications

The AMX NXA-ENET24 is a versatile and powerful networked control interface designed to meet the growing demands of modern AV systems. This network switch offers an exceptional combination of reliability, performance, and scalability, making it an ideal choice for professional environments such as conference rooms, educational facilities, and control rooms.

One of the key features of the NXA-ENET24 is its 24-port configuration, allowing for extensive connectivity options. Each port supports 10/100/1000 Mbps speeds, ensuring that high bandwidth applications are handled with ease. Additionally, the switch incorporates advanced auto-negotiation technology, which automatically configures the optimal speed and duplex mode for connected devices. This ensures seamless connectivity and minimizes the risk of network disruptions.

The NXA-ENET24 is designed with advanced management capabilities, including support for VLANs, which helps to segment network traffic for enhanced security and performance. Network administrators can easily create virtual local area networks to optimize traffic flow and reduce congestion. This feature is particularly beneficial in environments where multiple AV systems operate concurrently.

Another significant characteristic of the NXA-ENET24 is its support for Power over Ethernet, or PoE. This feature enables the switch to deliver electrical power alongside data through the network cables. As a result, devices such as IP cameras, VoIP phones, and wireless access points can be powered directly from the switch, simplifying deployment and reducing the need for additional power sources.

Monitoring and management of the switch are made easier through a user-friendly interface. The NXA-ENET24 supports SNMP for network management, allowing users to monitor performance metrics, configure settings, and receive alerts in case of issues. This level of oversight is crucial for maintaining the stability of AV systems in mission-critical applications.

Durability is another hallmark of the NXA-ENET24 design. The switch features a robust chassis that is engineered to withstand the rigors of professional use. With cooling mechanisms in place and a fanless design, the NXA-ENET24 operates quietly and efficiently, making it suitable for environments where noise is a concern.

In conclusion, the AMX NXA-ENET24 is a powerful, reliable, and feature-rich network switch that effectively supports modern AV applications. With its extensive connectivity options, advanced management capabilities, PoE support, and durable design, it is an excellent choice for integrators and organizations looking to optimize their network infrastructure.
Top Page Image Contents