Avaya 1600 E. IP Filtering

Avaya, Inc. - 193 - PARTNER ACS 1600 DSL module User Guide

E. IP Filtering

The following assumes that you have a working knowledge of

IP protocols.

Filtering executes on the WAN port that you select. There are

two different sets of filters and each filter maintains its own

statistics:

Input - Input packets are filtered after the network

address translation.

Output - Output packets are filtered before the network

address translation.

The maximum total number of filters is 128.

Packets pass through the appropriate set of filters in the order

in which the filters display in the list shown on the user

interface (Configure IP Router > Configure IP Filtering >

Display all filters of the chosen type). Each packet moves

down the list of filters until it reaches the end or the attributes

of an active filter match the packet.

When a "match" occurs, the packet is the n processed

according to the action field (Pass or Discard) of the first filter

that matched the packet:

Pass - packet passed to the next level.

Discard - packet discarded. When output packets are

dropped, RTCS_OK is returned from IP_route.

When you create a new filter, all fields are s et to an inactive

state. An inactive filter passes all IP packets - you must

modify at least one field to narrow the range of packets to

pass or change the action to discard all packets.

To create a set of filters to pass only certain types of packets,

you need to create a default filter that discards all packets and

then insert narrower filters before the default filter. For

example, you need to add a filter to cover each range of

packets.

If you want to select only the packet ranges to discard, then

there is no default filter needed, because the default action is

to pass all packets. You only have to add filters that set the

range to discard and set the actions of those filters to discard.

The order of the filters matters if you are mixing filters with

different actions or if you want the overlapping filters to display

accurate statistics.

Contents

Main Table of contents 1. Introduction...................................................................11 2. PARTNER ACS 1600 DSL module basics....................13 4. Menu interface...............................................................23 Page Page Page 5. Administration...............................................................86 6. WAN configuration......................................................101 7. Router configuration...................................................128 8. Bridge configuration...................................................142 Page Page 1. Introduction Organization of this guide Page 2. PARTNER ACS 1600 DSL module basics Hardware and software requirements Connectors Console cable Interfaces Page Connecting Logging on Using a terminal emulation program Using a Telnet program Page Page Menu interface Default values Restarting Auto Log off Exiting Verifying an IP address A computer running Windows 95/98/Me/2000 The PARTNER ACS 1600 DSL module 4. Menu interface Main Menu 1. Reports C. Display Current Configuration Page N. Display Network Statistics I. Display Interface Statistics M. Display Media Statistics R. Display Route Table A. Display AR P Table B. Display Bridge forwarding database S. Display Bridge status P. Display PPP Authorization Entries U. Display System Uptime Avaya, Inc. - 30 - PARTNER ACS 1600 DSL module User Guide 2. Configure IP Router Routing C. Configure Port IP Address U. Unconfigure Port IP Address S. Add/Remove a Static Route R. Enable/Disable RIP V. Configure RIP Version by Port P. Configure RIP Poisoned Reverse by Port N. Configure DNS Client H. Configure DHCP Client L. Configure DHCP Relay T. Configure Telnet Server Port F. Configure IP Filtering Page Page Page Page D. Display Route Table Avaya, Inc. - 40 - PARTNER ACS 1600 DSL module User Guide 3. Configure Bridge Displays the Bridge Configuration Menu, which contains the following submenu and commands. Bridging G. Enable/Disable Bridging Globally P. Enable/Disable Bridging by Port A. Configure Bridge Aging Timer T. Enable/Disable Spanning Tree Globally O. Enable/Disable Spanning Tree by Port Q. Configure Spanning Tree Port Priority H. Configure Spanning Tree Hello Time S. Configure Spanning Tree Max Age F. Configure Spanning Tree Forward Delay C. Configure Spanning Tree Path Cost D. Delete Bridge Forwarding Database Entry Avaya, Inc. - 44 - PARTNER ACS 1600 DSL module User Guide 5. Configure WAN SDSL WAN configuration 0. Quick Configuration 1. Configure Datalink Protocol 2. Configure Physical Interface Page 3. Configure DLCIS (Frame Relay) Page Page 3. Configure PVCS (ATM) Page Page Page 4. Configure FR Options (Frame Relay) Page 4. Configure ATM Options (ATM) 6. Configure LAN F. Set/Clear Full Duplex 7. Configure SNMP E. Enable/Disable SNMP P. Configure System Contact 8. Configure Login 1. Change User ID 2. Change User Password 3. Change NetMan Password 9. System Utilities P. Ping Utility T. Trace Route Z. Configure Console Baud Rate V. Configure Console Timeout R. Hard Reset or Reload ACOS from FLASH D. Set System Defaults W. Save System Settings as Defaults X. File Transfer Menu I. Interworking Connections 1. Add Interworking Connection Page 2. Delete Interworking Connection 3. Print Interworking Connections 4. Default Interworking Connections D. Configure DHCP Server E. Enable/Disable DHCP B. Enable/Disable DHCP Debug Messages I. Configure DHCP Server Parameters P. Configure DHCP Address Range Pool C. Configure DHCP Client Entry F. Display DHCP Configuration S. Display DHCP Server Statistics A. Display DHCP Server Assigned Addresses D. Display DHCP Entry Details X. Delete a DHCP Client Entry Y. Delete a DHCP Assignment Entry N. Configure NAT B. Enable/Disable NAT Debug Messages P. Enable/Disable NAT Translation by Port T. Configure NAT TCP Timeout U. Configure NAT UDP Timeout N. Configure NAT Local Server Entry S. Display NAT Statistics C. Display NAT Connection Table D. Display NAT Connection Details O. Display NAT Local Server Table X. Delete IP Address from NAT Tables Y. Delete NAT Local Server Entry T. Derived Timing 1. Enable/Disable Derived Timing 2. Enable/Disable Derived Timing Debug Messages Z. Diagnostics P. POTS Diagnostics S. SDSL Diagnostics C. Command Line Interface Command line syntax Commands P. VoicePath Configure V. Set Voice Gateway J. Set Jitter Delay D. Display Jitter Delay T. Set SLIC Control Mode U. Set Compander Mode (u-Law, a-Law) M. Set Debug Mode E. Configure Echo Cancellation Default Settings M. Manage MGCP/NCS Embedded Client C. Configure MGCP/NCS parameters S. Display MGCP/NCS statistics D. Debug MGCP/NCS R. Remove a connection E. CopperCom Call Control S. Statistics C. Configure D. Debug Control Page E. Call Control Settings A. Stats Display R. Ring Test S. Display IAD State T. Trace V. Pick sound heard if insufficient WAN B/W to complete call U. Configure Tollbridge Voice Client 0. Set Client IP address 1. Set Voice Gateway IP Address 2. Print Current Configuration 3. Debugging options 5. Administration Security Changing the User ID Changing the Password SNMP Enabling/disabling SNMP Configuring the System Contact Configuring the System Name Configuring the System Location Configuring the System Community Configuring the SNMP Trap Host IP Address Upgrading the system Configuring the TFTP Server Using TFTP Page Using Telnet Verifying the download Upgrading ACOS Configuring the TFTP Server Using TFTP Page Using Telnet Verifying the download Support 6. WAN configuration Changing the Datalink Protocol the Physical Interface Configuring the SDSL Interface Configuring the USI interface Page Page Quick Configuration ATM PVCs Adding a PVC Modifying a PVC Page Deleting a PVC ATM options Configuring Payload Scrambling Configuring the F4 OAM Cell Sending OAM Loopback Configuring Empty Cells Frame Relay DLCIs Adding a DLCI Page Modifying a DLCI Deleting a DLCI Frame Relay options Configuring fragmentation Page Configuring the maintenance protocol Configuring the congestion parameters the voice path Setting the jitter delay Setting the SLIC Control Mode Configuring Echo Cancellation Page Page 7. Router configuration Configuring an IP address Page Enabling RIP poisoned reverse Enabling RIP poisoned reverse globally Enabling RIP poisoned reverse by port Setting the RIP version Page Adding a static route Adding a default route Disabling bridging Disabling bridging globally Disabling bridging by port Disabling STP Disabling STP globally Disabling STP by port Page 8. Bridge configuration Enabling Bridging Enabling bridging globally Enabling bridging by port Setting the bridge aging timer Disabling RIP poisoned reverse Disabling RIP poisoned reverse globally Disabling RIP poisoned reverse by port Enabling STP Enabling STP globally Enabling STP by port Page 9. NAT configuration Enabling NAT translation the NAT local server entry the NAT timeouts Configuring a NAT TCP timeout Configuring a NAT UDP timeout the NAT port range Page 10. DHCP server configuration Enabling DHCP the DHCP server parameters Page Page the DHCP address range pool Page 11. Verification Power-up test Operational test Maintenance Displaying the current configuration A. Menu hierarchy 1. Reports C. Display Current Configuration N. Display Network Statistics I. Display Interface Statistics 2. Configure IP Router Page 3. Configure Bridge 5. Configure WAN 2. Configure Physical Interface 3. Configure DLCIs (Datalink Protocol = Frame Relay) 3. Configure PVCs (Datalink Protocol = ATM) Page Page 4. Configure FR Options (Datalink Protocol = Frame Relay) Page 9. System Utilities I. Interworking Connections 1. Add Interworking Connection D. Configure DHCP Server Page C. Command Line Interface P. VoicePath Configure Page Page B. PARTNER ACS 1600 DSL module specifications Page C. Connector pinouts Page D. USI Cables DTE or DCE? Which Hardware Protocol? Avaya, Inc. - 191 - PARTNER ACS 1600 DSL module User Guide Page E. IP Filtering Glossary Page Page Page Page Index 10 A B C Page Page Page D Page E F H I J L M N O P Q R S Page T U V W