13-14 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.1
Chapter 13
7. Enter the IP address in the Dest A ddress field that represents the
destination address of the Web server. Enter a wildcard of 0.0.0.0 to
identify the specific IP address of th e destination Web server.
* Note: To deny/filter traffic to a specific address and not to an entire
subnet, you must specify the destination IP address of the
network node, and use a subnet wildcard of 0.0.0.0.
8. Specify the TCP protocol ID = 6. If you specify TCP or UDP port
numbers, you must specify Prot ocol ID 6 or 17 respectively.
9. Enter the following in the TCP/UDP Destination Port field:
a Min. of 80 (HTTP).
a Max. of 80 (HTTP).
10. Leave the TCP/UDP Source Port field alone:
a Min. of 0 (HTTP).
a Max. of 65536 (HTTP).
11. Select TCP Established. A check mark displays in the check box.
12. Click CREATE to save your chan ges, or CANCEL to res tore previo us
settings.
Each time any end user attempts to access the Web server specified by the
destination TCP/UDP ports, all Web requests are filtered.
Second Example Filtering Traffic Between 10.1.1.0 and 10.1.2.0 Subnets. It is possible to
filter traffic to either a specific address or to an entire subnet. In this
example, all traffic between the two subnets is filtered:
This example also assumes that the network is a Class C sub network
(255.255.255.0).
To filter traffic between both subnets, you must create two access rules.
To create the Extended Access list and rules:
1. In the navigation pane, expand the Routing > IP > Configuration
folders, and then click Access Lists.
The IP Access List Web page is displayed in the content pane. See
Figure 13-1.
2. Select Create Extended. The IP Extended Access Rule Creation Web
page is displayed. See Figure13-3.