Manuals / Asante Technologies / Computer Equipment / Power Supply

Asante Technologies IC36240 Access-list 101 ?, Access-list 101 deny ?, Access-list 101 deny tcp ?

Models: IC36240

1 108

Download 108 pages 14.72 Kb

Page 62

In the following example, an extended access list is created to deny FTP and allow all other traffic from subnet 192.168.123.0 to be forwarded to all other networks or subnets.

Note: Remember when the cursor reaches the right margin, the command line shifts 8 spaces to the left. You cannot see the first eight characters of the line, but you can scroll back and check the syntax at the beginning of the command, using Ctrl-Bor the left arrow keys.

Switch# configure

Switch(config)#			access-list 101 ?
remark		Access list entry comment
deny		Specify packets to reject
permit		Specify packets to forward
Switch(config)#			access-list 101 deny ?
ip	Specify		IP connections
icmp	Specify		ICMP connections
tcp	Specify		TCP connections
udp	Specify		UDP connections
<0-255> Specify protocol number
Switch(config)#			access-list 101 deny tcp ?
A.B.C.D		Source address to match. e.g. 10.0.0.0
host		Host	address to match.
any		Any source address to match
Switch(config)#			access-list 101 deny tcp 192.168.123.0 0.0.0.255 ?
A.B.C.D		Destination address to match. e.g. 10.0.0.0
host		Host	address to match.
any		Any destination address to match

Switch(config)# $ist 101 deny tcp 192.168.123.0 0.0.0.255 192.168.124.0 0.0.0.255?

eq	Operator - equal to
gt	Operator -	greater then
lt	Operator -	less then

precedence	precedence
tos	type of service
established	established
<cr>

Switch(config)# $ list 101 deny tcp 192.168.123.0 0.0.0.255 192.168.124.0 eq ? <0-65535> Protocol port number

ftp	FTP
ssh	SSH
telnet	TELNET
smtp	SMTP
mtp	MTP
gopher	GOPHER
finger	FINGER
http	HTTP
pop	POP version 3
bgp	BGP
bgmp	Border Gateway Multicast Protocol
https	HTTP over SSL/TLS
rlogin	Rlogin
syslog	SYSLOG

Switch(config)# $ eny tcp 192.168.123.0 0.0.0.255 192.168.124.0 0.0.0.255 eq 21 ?

precedence	precedence
tos	type of service
established	established
<cr>

Switch(config)# $ tcp 192.168.123.0 0.0.0.255 192.168.124.0 0.0.0.255 eq 21 tos 2 est Switch(config)# exit

Switch# show access-list

62

Asante IntraCore IC36240

User’s Manual

Image 62

Asante Technologies IC36240 user manual Access-list 101 ?, Access-list 101 deny ?, Access-list 101 deny tcp ?

Contents

IntraCore IC36240 Series Layer 2+ Gigabit Ethernet Switch User’s Manual IntraCore IC36240Table of Contents Password Service Password-Encryption Snmp Configuration Commands Trunk Ieee 802.1q Technical Support and Warranty Features IntroductionPackage Contents Front and Back Panel DescriptionsLEDs LEDManagement and Configuration Console InterfaceSafety Overview Hardware Installation and SetupInstallation Overview Power Requirements Installing into an Equipment RackRecommended Installation Tools Environmental RequirementsEquipment Rack Guidelines Installing the Optional External Power SupplySFP Mini Gbic Ports 1 10/100/1000BaseT Ports Cabling Procedures Connecting PowerConnecting to the Network Gigabit Ethernet Ports Cabling Procedures Pin Number Pair Number & Wire ColorsAsante IntraCore IC36240 Initial Software Setup Connecting to a ConsoleConnecting to a PC User Access Verification PasswordEnable Password Passwords and Privileges CommandsPrivileges Commands Password Service Password-EncryptionUsername Command Login SecurityConfiguring an IP Address Password and login CommandsSetting a Default IP Gateway Address Restoring Factory DefaultsSystem Boot Parameters Switchconfig# ip default-gatewayAccess Each Command Mode Understanding the Command Line Interface CLIUser Top User Exec Mode Document ConventionsPrivileged Top Privileged Exec Mode Command Show ? PurposeGlobal Configuration Mode Command Exit End Ctrl-Z Purpose Switch# configureInterface Configuration Mode Spanning-Tree Configuration ModeSpanning-tree mst configuration Advanced Features Supported within the Command ModeVlan Configuration Mode Command Help Purpose Example of Context Sensitive HelpChecking Command Syntax Switch# configure ?Using Command-Line Editing Features and Shortcuts Using CLI Command HistoryUsing the No and Default Forms of Commands Keystrokes/Command PurposeKeystrokes Purpose Moving Around on the Command LineCompleting a Partial Command Name Editing Command Lines That Wrap Scrolling Down a Line or a Screen Redisplaying the Current Command LineDeleting Entries Keystrokes Transposing Mistyped CharactersControlling Capitalization Switch# clock ? Managing the System and Configuration FilesSetting the System Clock Switch# clock set 092930 28 January Switch# reload crSpecifying the Hostname Changing the PasswordTesting Connections with Ping Tests Enabling the System LogConfiguring from the Terminal Managing Configuration FilesDisplaying the Operating Configuration Switch# show running-configCopying Configuration Files to a Network Server Newname# copy running-config startup-configSwitch# copy startup-config ? Switch# copy running-config tftp//192.168.0.1/my-config Switch# copy running-configSwitch# copy running-config Tftp Access Control Configuring SnmpAuthentication Switch# copy tftp//192.168.123.59/my-confg running-configSupport Create or Modify Access Control for Snmp CommunitySecurity Levels Command Purpose Snmp-server community string view Establish the Contact and Location of the Snmp AgentConfiguring Spanning Tree Snmp Configuration CommandsSpanning Tree Parameters Spanning-tree mst?Port Priority Spanning Tree Port ConfigurationRapid Spanning Tree Protocol Rstp Port Path CostRapid Convergence Configuring Switch/Bridge PrioritySwitchconfig# spanning-tree priority priority Enabling Rapid Spanning TreeConfiguring Port Path Cost Configuring Link TypeConfiguring an Edge Port Configuring Port PriorityMultiple Spanning-Tree MST Configuring Vlan VlanShow mac-address-table Switchconfig# mac-address-table aging-timeMAC Address Table Class Address or Range Status Configuring IPAssign IP Addresses to Switch Establish Address Resolution Define a Static ARP CacheIgmp Overview Configuring IgmpManaging IP Multicast Traffic Forwarding Unknown Multicast PacketsCommand Purpose Ip igmp query-max-response-time Using Access ListsSwitchconfig-if-veth1#ip igmp query-interval Host-query messagesUsing a Classification ACL Asante IntraCore IC36240 Create a Standard Access List Switchconfig# mac access-list standard Create a MAC Access ListCreate an Expanded Access List Access-list 101 deny tcp ? Access-list 101 ?Access-list 101 deny ? Access-list 101 deny tcp 192.168.123.0 0.0.0.255 ?Access-list ? Creating an Access List with a NameApplying an Access List to an Interface Access-list standard ?Configuring Common Access Lists Switchconfig# access-list 110 permit udp any any eqAccess-list 101 deny ip any any Vlan Configuration Creating or Modifying a VlanDeleting a Vlan Switch# show vlanSwitchconfig-vlan#port-member delete eth Trunk Ieee 802.1q Static AccessVlan Port Membership Modes Command Purpose Switchconfig# vlan dot1q tag native Switchconfig# endMonitoring Weighted Fair Queuing Lists Quality of Service ConfigurationConfiguring Weighted Fair Queuing Priority QueuingDefining the Priority List Configuring Traffic Shaping for an InterfaceTraffic Shaping Monitoring Priority Queuing ListsMonitoring the Traffic Shaping Configuration Configuring Rate LimitConfiguring Traffic Shaping for an Access List Generic Traffic Shaping ExampleAsante IntraCore IC36240 Configuring the Switch Using the GUI Main Configuration MenuInformation Screens Front Panel Information ScreenAssign IP Addresses to Switch General Information ScreenClass Address or Range Status Port Configuration Menu Individual Port Configuration ScreenAsante IntraCore IC36240 Press go Spanning Tree Protocol Configuration STP Port Configuration Global STP Bridge Configuration Snmp Configuration Asante IntraCore IC36240 Address Table Screen Asante IntraCore IC36240 Asante IntraCore IC36240 Vlan Configuration Asante IntraCore IC36240 Click Apply Igmp Configuration Asante IntraCore IC36240 Asante IntraCore IC36240 Web CLI Screen System Clock Menu Save Appendix a Basic Troubleshooting Problem Possible SolutionsEnvironmental Range Appendix B SpecificationsPhysical Characteristics PerformanceTechnical Support and Warranty Standards ComplianceAppendix C FCC Compliance and Warranty Statements FCC Compliance Statement Important Safety InstructionsIntraCare Warranty Statement Appendix D Online Warranty Registration Access List IndexIgmp LED Safety Priority Queuing Vlan