Access-list 101 deny ip any any | Asante Technologies IC36240

The following example shows explicitly denying all other DNS traffic.

Switch(config)# access-list 110 deny udp any any eq 53

Switch(config)# access-list 110 deny tcp any any eq 53

The following example shows explicitly permitting internet-sourced connections to publicly accessible servers.

Switch(config)# access-list 110 permit tcp any host public web server eq 80 Switch(config)# access-list 110 permit tcp any host public web server eq 443 Switch(config)# access-list 110 permit tcp any host public FTP server eq 21

The following example shows explicitly permitting public SMTP connections to the FTP server.

Switch(config)# access-list 110 permit tcp any gt 1023 host public FTP server gt 1023 Switch(config)# access-list 110 permit tcp any host public SMTP server eq 25

The following example shows explicitly denying all other traffic.

access-list 101 deny ip any any

65

Asante IntraCore IC36240

User’s Manual

Image 65

Asante Technologies IC36240 user manual Access-list 101 deny ip any any

Contents

IntraCore IC36240 Series IntraCore IC36240 Layer 2+ Gigabit Ethernet Switch User’s Manual Table of Contents Password Service Password-Encryption Snmp Configuration Commands Trunk Ieee 802.1q Technical Support and Warranty Introduction Features Front and Back Panel Descriptions Package Contents LED LEDs Console Interface Management and Configuration Safety Overview Hardware Installation and SetupInstallation Overview Recommended Installation Tools Installing into an Equipment RackPower Requirements Environmental Requirements Equipment Rack Guidelines Installing the Optional External Power SupplySFP Mini Gbic Ports 1 10/100/1000BaseT Ports Cabling Procedures Connecting PowerConnecting to the Network Pin Number Pair Number & Wire Colors Gigabit Ethernet Ports Cabling Procedures Asante IntraCore IC36240 Connecting to a Console Initial Software Setup User Access Verification Password Connecting to a PC Enable Password Passwords and Privileges CommandsPrivileges Commands Service Password-Encryption Password Configuring an IP Address Login SecurityUsername Command Password and login Commands System Boot Parameters Restoring Factory DefaultsSetting a Default IP Gateway Address Switchconfig# ip default-gateway User Top User Exec Mode Understanding the Command Line Interface CLIAccess Each Command Mode Document Conventions Command Show ? Purpose Privileged Top Privileged Exec Mode Global Configuration Mode Switch# configure Command Exit End Ctrl-Z Purpose Spanning-Tree Configuration Mode Interface Configuration Mode Spanning-tree mst configuration Advanced Features Supported within the Command ModeVlan Configuration Mode Example of Context Sensitive Help Command Help Purpose Switch# configure ? Checking Command Syntax Using the No and Default Forms of Commands Using CLI Command HistoryUsing Command-Line Editing Features and Shortcuts Keystrokes/Command Purpose Keystrokes Purpose Moving Around on the Command LineCompleting a Partial Command Name Editing Command Lines That Wrap Scrolling Down a Line or a Screen Redisplaying the Current Command LineDeleting Entries Keystrokes Transposing Mistyped CharactersControlling Capitalization Setting the System Clock Managing the System and Configuration FilesSwitch# clock ? Switch# clock set 092930 28 January Switch# reload cr Testing Connections with Ping Tests Changing the PasswordSpecifying the Hostname Enabling the System Log Displaying the Operating Configuration Managing Configuration FilesConfiguring from the Terminal Switch# show running-config Newname# copy running-config startup-config Copying Configuration Files to a Network Server Switch# copy startup-config ? Switch# copy running-config tftp//192.168.0.1/my-config Switch# copy running-configSwitch# copy running-config Tftp Authentication Configuring SnmpAccess Control Switch# copy tftp//192.168.123.59/my-confg running-config Support Create or Modify Access Control for Snmp CommunitySecurity Levels Establish the Contact and Location of the Snmp Agent Command Purpose Snmp-server community string view Snmp Configuration Commands Configuring Spanning Tree Spanning-tree mst? Spanning Tree Parameters Rapid Spanning Tree Protocol Rstp Spanning Tree Port ConfigurationPort Priority Port Path Cost Switchconfig# spanning-tree priority priority Configuring Switch/Bridge PriorityRapid Convergence Enabling Rapid Spanning Tree Configuring an Edge Port Configuring Link TypeConfiguring Port Path Cost Configuring Port Priority Multiple Spanning-Tree MST Vlan Configuring Vlan Show mac-address-table Switchconfig# mac-address-table aging-timeMAC Address Table Class Address or Range Status Configuring IPAssign IP Addresses to Switch Define a Static ARP Cache Establish Address Resolution Managing IP Multicast Traffic Configuring IgmpIgmp Overview Forwarding Unknown Multicast Packets Switchconfig-if-veth1#ip igmp query-interval Using Access ListsCommand Purpose Ip igmp query-max-response-time Host-query messages Using a Classification ACL Asante IntraCore IC36240 Create a Standard Access List Switchconfig# mac access-list standard Create a MAC Access ListCreate an Expanded Access List Access-list 101 deny ? Access-list 101 ?Access-list 101 deny tcp ? Access-list 101 deny tcp 192.168.123.0 0.0.0.255 ? Applying an Access List to an Interface Creating an Access List with a NameAccess-list ? Access-list standard ? Switchconfig# access-list 110 permit udp any any eq Configuring Common Access Lists Access-list 101 deny ip any any Creating or Modifying a Vlan Vlan Configuration Deleting a Vlan Switch# show vlanSwitchconfig-vlan#port-member delete eth Trunk Ieee 802.1q Static AccessVlan Port Membership Modes Switchconfig# end Command Purpose Switchconfig# vlan dot1q tag native Configuring Weighted Fair Queuing Quality of Service ConfigurationMonitoring Weighted Fair Queuing Lists Priority Queuing Traffic Shaping Configuring Traffic Shaping for an InterfaceDefining the Priority List Monitoring Priority Queuing Lists Configuring Traffic Shaping for an Access List Configuring Rate LimitMonitoring the Traffic Shaping Configuration Generic Traffic Shaping Example Asante IntraCore IC36240 Main Configuration Menu Configuring the Switch Using the GUI Front Panel Information Screen Information Screens General Information Screen Assign IP Addresses to Switch Class Address or Range Status Individual Port Configuration Screen Port Configuration Menu Asante IntraCore IC36240 Press go Spanning Tree Protocol Configuration STP Port Configuration Global STP Bridge Configuration Snmp Configuration Asante IntraCore IC36240 Address Table Screen Asante IntraCore IC36240 Asante IntraCore IC36240 Vlan Configuration Asante IntraCore IC36240 Click Apply Igmp Configuration Asante IntraCore IC36240 Asante IntraCore IC36240 Web CLI Screen System Clock Menu Save Problem Possible Solutions Appendix a Basic Troubleshooting Physical Characteristics Appendix B SpecificationsEnvironmental Range Performance Standards Compliance Technical Support and Warranty FCC Compliance Statement Important Safety Instructions Appendix C FCC Compliance and Warranty Statements IntraCare Warranty Statement Appendix D Online Warranty Registration Index Access List Igmp LED Safety Priority Queuing Vlan