CLI (Command Line Interface)

 

 

IP ACL Commands (Cont.)

 

 

 

Command

Function

 

 

mask

Example:

(IP ACL - Cont.)

This shows how to create an extended ACL with an egress mask to drop

 

packets leaving network 171.69.198.0 when the Layer 4 source port is 23

 

Console(config)#access-list ip extended A3

 

Console(config-ext-acl)#deny host 171.69.198.5 any

 

Console(config-ext-acl)#deny 171.69.198.0 255.255.255.0 any

 

source-port 23

 

Console(config-ext-acl)#end

 

Console#show access-list

 

IP extended access-list A3:

 

deny host 171.69.198.5 any

 

deny 171.69.198.0 255.255.255.0 any source-port 23

 

Console#config

 

Console(config)#access-list ip mask-precedence out

 

Console(config-ip-mask-acl)#mask 255.255.255.0 any source-

 

port

 

Console(config-ip-mask-acl)#exit

 

Console(config)#interface ethernet 1/15

 

Console(config-if)#ip access-group A3 out

 

Console(config-if)#end

 

Console#show access-list

 

IP extended access-list A3:

 

deny 171.69.198.0 255.255.255.0 any source-port 23

 

deny host 171.69.198.5 any

 

IP egress mask ACL:

 

mask 255.255.255.0 any source-port

 

Console#

 

Example:

 

This is a more comprehensive example. It denies any TCP packets in

 

which the SYN bit is ON, and permits all other packets. It then sets the

 

ingress mask to check the deny rule first, and finally binds port 1 to this

 

ACL.

 

Note that once the ACL is bound to an interface (i.e., the ACL is active), the

 

order in which the rules are displayed is determined by the associated

 

mask:

 

Switch(config)#access-list ip extended 6

 

Switch(config-ext-acl)#permit any any

 

Switch(config-ext-acl)#deny tcp any any control-flag 2 2

 

Switch(config-ext-acl)#end

 

Console#show access-list

 

IP extended access-list A6:

 

permit any any

 

deny tcp any any control-flag 2 2

 

Console#configure

 

Switch(config)#access-list ip mask-precedence in

 

Switch(config-ip-mask-acl)#mask protocol any any control-flag 2

 

Switch(config-ip-mask-acl)#end

 

Console#sh access-list

 

IP extended access-list A6:

 

permit any any

 

deny tcp any any control-flag 2 2

 

IP ingress mask ACL:

 

mask protocol any any control-flag 2

 

Console#configure

 

Console(config)#interface ethernet 1/1

 

Console(config-if)#ip access-group A6 in

 

Console(config-if)#end

 

Console#show access-list

 

IP extended access-list A6:

 

deny tcp any any control-flag 2 2

 

permit any any

 

IP ingress mask ACL:

 

mask protocol any any control-flag 2

 

Console#

 

 

NXA-ENET24 - Software Management Guide

215

 

 

Page 235
Image 235
AMX NXA-ENET24 manual Command Function Mask Example IP ACL

NXA-ENET24 specifications

The AMX NXA-ENET24 is a versatile and powerful networked control interface designed to meet the growing demands of modern AV systems. This network switch offers an exceptional combination of reliability, performance, and scalability, making it an ideal choice for professional environments such as conference rooms, educational facilities, and control rooms.

One of the key features of the NXA-ENET24 is its 24-port configuration, allowing for extensive connectivity options. Each port supports 10/100/1000 Mbps speeds, ensuring that high bandwidth applications are handled with ease. Additionally, the switch incorporates advanced auto-negotiation technology, which automatically configures the optimal speed and duplex mode for connected devices. This ensures seamless connectivity and minimizes the risk of network disruptions.

The NXA-ENET24 is designed with advanced management capabilities, including support for VLANs, which helps to segment network traffic for enhanced security and performance. Network administrators can easily create virtual local area networks to optimize traffic flow and reduce congestion. This feature is particularly beneficial in environments where multiple AV systems operate concurrently.

Another significant characteristic of the NXA-ENET24 is its support for Power over Ethernet, or PoE. This feature enables the switch to deliver electrical power alongside data through the network cables. As a result, devices such as IP cameras, VoIP phones, and wireless access points can be powered directly from the switch, simplifying deployment and reducing the need for additional power sources.

Monitoring and management of the switch are made easier through a user-friendly interface. The NXA-ENET24 supports SNMP for network management, allowing users to monitor performance metrics, configure settings, and receive alerts in case of issues. This level of oversight is crucial for maintaining the stability of AV systems in mission-critical applications.

Durability is another hallmark of the NXA-ENET24 design. The switch features a robust chassis that is engineered to withstand the rigors of professional use. With cooling mechanisms in place and a fanless design, the NXA-ENET24 operates quietly and efficiently, making it suitable for environments where noise is a concern.

In conclusion, the AMX NXA-ENET24 is a powerful, reliable, and feature-rich network switch that effectively supports modern AV applications. With its extensive connectivity options, advanced management capabilities, PoE support, and durable design, it is an excellent choice for integrators and organizations looking to optimize their network infrastructure.