Ip access-list | Avaya X330WAN specification

Chapter 6 X330WAN CLI Commands

Syntax

[no] ip access-group<policy-list-number> <direction>

Parameters

policy-list-numberAn integer from 100 to 149, where 0 is the default list.

directioninout

Example

X330WAN-2DS1-1(config-if:FastEthernet1)# ip access-group 110 out

ip access-list

Use the ip access-listcommand to create a specific Policy rule. Each rule pertains to the source IP address, the destination IP address, the protocol, the protocol ports (TCP/UDP, if relevant), and to the ACK bit (in TCP protocol). The no form of this command deletes a specific rule.

The syntax for this command is:

[no] ip access-list<policy-list-number> <access-list-index> <action> <protocol> {<source-ip> <source-wildcard>anyhost <source-ip>} [<operator> <port> [<port]] {<destination-ip> <destination- wildcard>anyhost <destination-ip>}[<operator> <port> [<port>]][established] [precedence]

Parameters

policy-list-number

access-list-index

action

protocol

source-ip

source-wildcard

operator

port

destination-ip

destination-wildcard

An integer from 100 to 149.

An integer from 100 to 149.

permitdenydeny-and-notifyfwd0-7 composite

op name

iptcpudpinteger from 1 to 255.

IP network

IP network wildcard

eqltgtrange

An integer from 1 to 65535.

IP network

IP network wildcard

210	Avaya X330WAN User’s Guide

Image 232

Avaya X330WAN manual Ip access-list

Contents

Avaya X330WAN Page Contents Chapter Initial Configuration Chapter InstallationChapter Operational Concepts and Configuration Examples Chapter Troubleshooting LOS Chapter X330WAN CLI Commands Contents Contents Avaya X330WAN User’s Guide Vii Viii Avaya X330WAN User’s Guide Redistribute Router-OSPF context 193 Appendix B Embedded Web Manager 227 Appendix a Interface Specifications 223Appendix C Standards and Compliance 233 Appendix D How to Contact Us 239 Contents Xii Avaya X330WAN User’s Guide List of Tables List of Tables Xiv Avaya X330WAN User’s Guide List of Figures List of Figures Xvi Avaya X330WAN User’s Guide About This Guide ObjectivesAudience Conventions Documentation Accuracy General System InformationPreventing Toll Fraud Important Safety Information Preface Avaya X330WAN User’s Guide Introduction Overview Layer 1 Features FeaturesLayer 2 Features Layer 3 Features Convergence Features Sample Applications Branch Office Connectivity to Headquarters Functional Concepts Overview WAN AccessRouting Command Line Interface CLI Avaya X330WAN Network ManagementSecurity Convergence Requirements and Specifications Multiservice Network Manager MsnmEnvironmental Specifications Avaya P330 Device Manager Embedded Web Power & Heat Dissipation Installation Installation Safety Information Installing an X330WAN Module into an Avaya P330 Switch P330 Software Support for X330WAN Power On Self Test X330W-2DS1 Front Panel and LEDs LED Name Color Description LED Status X330W-2USP Front Panel and LEDs CON Avaya P330 Front Panel LED Indicators Avaya P330 LEDs Connecting the X330WAN Connecting the E1/T1 WAN PortsConnecting the USP Ports Connecting the Fast Ethernet 10/100Base-T Port Removing an X330WAN Module from an Avaya P330 Switch Configuring the X330WAN Establishing a Console Connection Type async mode interactive Ppp authentication chapnonepapEstablishing a Modem Connection Establishing a Telnet Connection For example telnet Configuring Loopback Interfaces Configuring Fast Ethernet Interfaces Configuring the FabricFast Ethernet Interface X330WAN-2USP-1super#interface FabricFastEthernet10.10.10.1 20.20.20.1 Configuring E1/T1 Interfaces Configuring the X330WAN PPP CLI Interface Context Configuring USP InterfacesFrame Relay Initial Configuration Use the show ip interface interface-name X330WAN Default Settings Saving Your Configuration Function Default Setting DCD Initial Configuration Avaya X330WAN User’s Guide Detailed Interface Concepts Physical Interfaces Layer 2 Virtual Interfaces T1 Port with PPP Encapsulation USP Port with PPP Encapsulation Static Route Configuration Enhanced Routing Capabilities Via interface Static Route Export Default Metric Ospf Dynamic Cost Support RIP Distribution Access Lists Fragmentation and Reassembly Connecting Branch Offices to Headquarters 10.68.10.1 10.87.56.110.168.24.1 10.34.45.1 10.23.10.1 Configuring the X330WAN for use with an External Firewall X330WAN with Security Backup Interfaces X330WAN-2DS1-1super#copy running-config startup-configX330WAN-2DS1-1super#interface FastEthernet X330WAN-2DS1-1super#interface FabricFastEthernet Backup Interfaces Frame Relay Encapsulation Priority Dlci Traffic Shaping and Marking Policy Priority Queuing Default Composite Operations Table Creates/deletes a policy statement Sets the name for the Policy listSets the owner for the Policy list Sets the Policy list cookie Configures the trusted entity Specifies the action to be mapped to a DscpValue Sets the Dscp precedence Controlling Network Access to the X330WAN Show ip composite-op Show ip active-access- groups RTP Header Compression cRTP Ip rtp max-time QoS and VoIP Treatment QoS Implementation for PPP Encapsulation Data Mode VoIP Mode PPP VoIP Configuration 10 PPP VoIP Configuration Avaya X330WAN User’s Guide 149.49.54.80 1.111.11.11.1 X330WAN-2USP-1super-ifSerial1# Ip rtp port-range 2048 Queue-limit 1 3.1 4.133.33.33.1 Speed Frame Relay VoIP Configuration Scenario 1 Traffic Shaping Configuration Example 1 for Site a Single VC Between Sites Map-class configuration X330WAN-2USP-1super#map-class frame-relay voip Configuration Example 1 for Site B Single VC Between Sites Voip Map-class configuration Scenario 2 Priority Dlci and Traffic Shaping Configuration Example 2 for Site a Two VCs Between Sites X330WAN-2USP-1super#ip default-gateway serial X330WAN-2USP-1super#map-class frame-relay dataCir out Fragment Configuration Example 2 for Site B Two VCs Between Sites Group 16 12 PPP VoIP Configuration with Definity VoIP Implementation with Definity Clan and Prowler 10.200.231.250 X330WAN-2DS1-1super#ip default-gateway Serial 149.49.47.1 10.200.231.251 X330WAN-2DS1-1super#ip route 10.200.231.0 24 serial Page Troubleshooting Monitoring Traffic Handling E1/T1 Alarms Troubleshooting Corrective Actions LOF/RedFor example High BER/Major RAI/YellowAIS/Blue Corrective Action Troubleshooting X330W-2USP Using Loopbacks Local Line Loopback USP Loopback Troubleshooting Avaya X330WAN User’s Guide X330WAN CLI Commands Introduction About the CLI X330WAN CLI Prompts Mode/Context X330W-2DS1 Prompt X330W-2USP Prompt General Device Commands Banner loginBanner post-login No banner login Copy running-config startup-config Clear screenClear snmp trap Clear timezone Copy running-config tftp Copy startup-config tftpCopy running-config tftp filename ip Copy startup-config tftp filename ip Copy tftp startup-config Copy tftp startup-config filename ipCopy tftp EWarchive Copy tftp EWarchive filename ip Copy tftp SWimage Dir Output Fields Field Description Ds-mode Ds-mode e1t1 Erase startup-config Erase startup-configGet time Hostname Line Banner login/post-login context Nvram initializeSuccessfully logged off Nvram initialize Reset Set boot bankReset Set boot bank value Set logout timeout Set logoutSet snmp trap Set snmp trap rcvraddr Set snmp trap enable frame-relay Set snmp trap auth Set system contact Set snmp trap disable frame-relaySet system location Set time client Set system nameSet time protocol Show banner login Show banner loginSet time server Set timezone Show boot bank Show banner post-loginShow copy status Show dev log file Show erase statusShow image version Show logout Show module-identity Show running-configShow snmp Show system Show startup-configShow tftp download software status Show tftp download/upload status Show timeShow time parameters Show time Show timezone Sync timeTech Terminal length Console RS232 Interface CLI Commands Async mode interactive Console interface contextAsync mode terminal Console interface context Async reset-modem Console interface context Ppp authentication Console interface context Ppp authentication papchapnoneInterface Console Speed Console context Fast Ethernet Interface CLI Commands Timeout absolute Console interface contextTimeout absolute time Autoneg FastEthernet interface context Duplex FastEthernet interface context X330WAN-2DS1-1configure#no interface FastEthernetInterface FastEthernet FabricFast Ethernet Interface CLI Commands Speed FastEthernet interface contextInterface FabricFastEthernet No interface FabricFastEthernet portvlan.ip-interface X330WAN-2DS1-1configure#interface FabricFastEthernet Controller CLI Commands X330WAN-2DS1 OnlyCablelength long Controller context Cablelength short Controller context Channel-group Controller context Clear controller counters X330WAN-2DS1 Clock source Controller contextClear controller counters controller number X330W-2DS1-1super#clear controller counters Controller Fdl Description Controller contextNo description desc Framing X330WAN-2DS1 Controller context Idle-character X330WAN-2DS1 Controller contextNo framing frame-type No idle-character flagsmarks Linecode Controller context Loopback diag Controller context Loopback local Controller contextLoopback diag Loopback local linepayload No channel group Controller context Loopback remote Controller contextNo loopback Controller context Remote Controller context X330WAN-2DS1-1super#remote Reset-errored-ESF-dataShow controllers Show controllers port Output Example for T1 Avaya X330WAN User’s Guide 127 128 Avaya X330WAN User’s Guide Interface Serial CLI Commands Backup delay Serial interface contextShow controllers remote Shutdown Controller context Backup interface Serial interface context Backup delay 0Backup interface Serial Clear ip rtp header-compression Clear ip tcp header-compression PPP interface Description X330WAN-2USP Serial interface contextIdle-character X330WAN-2USP Serial interface context X330WAN-2USP-1super#clear ip tcp header-compression Interface Serial X330WAN-2DS1 Ignore-dcd X330WAN-2USP Serial interface contextNo ignore-dcd Interface Serial X330WAN-2USP Interface SerialInterface Serial 13.1 point-to-point Interface Serial 1.1 point-to-point Invert txclock X330WAN-2USP Load-interval Serial interface contextLoopback X330WAN-2USP Serial interface context No invert txclock Mtu Serial interface context Nrzi-encoding X330WAN-2USP Serial interface contextQueue-limit Serial interface context No nrzi-encoding Show ip rtp header-compression Show ip rtp header-compression interface name Show ip rtp header-compression brief Show ip tcp header-compressionShow ip rtp header-compression brief interface name Show ip tcp header-compression interface name Show ip tcp header-compression brief Show ip tcp header-compression brief interface name Transmitter-delay X330WAN-2USP Serial interface context No transmitter-delay numberShow queueing Shutdown X330WAN-2USP Serial interface context Frame Relay Configuration CLI Commands Voip-queue Serial interface contextBc out Map-class context Be out Map-class context Clear frame-relay counters Cir out Map-class contextDe-buffer-size Frame Relay Serial interface context Encapsulation frame-relay Serial interface context De pre-mark Map-class contextNo encapsulation frame-relay type Fragment Map-class context Frame-relay class-dlci Serial sub-interface contextFrame-relay interface-dlci Serial sub-interface context No fragment value Frame-relay lmi-type Serial interface context Frame-relay lmi-n391dte Serial interface contextNo frame-relay lmi-type lmi-type No frame-relay lmi-n391dte polling-counter Frame-relay lmi-n392dte Serial interface context Frame-relay lmi-n393dte Serial interface contextNo frame-relay lmi-n392dte threshold No frame-relay lmi-n393dte events Frame-relay traffic-shaping Serial interface context 17 18No frame-relay traffic-shaping No keepalive Seconds Map-class frame-relay Show frame-relay fragmentNo map-class frame-relay map-class-name X330WAN-2USP-1super#show frame-relay fragment Show frame-relay lmi Show frame-relay map Show frame-relay map Show frame-relay pvc brief Show frame-relay pvcShow frame-relay traffic PPP Configuration CLI Commands Show map-class frame-relayIp tcp decompression-connections PPP interfaces Keepalive Serial interface context PPP encapsulation Ppp timeout ncp Serial interface context Ppp timeout retry Serial interface contextNo ppp timeout ncp Seconds No ppp timeout retry Seconds Loopback CLI Commands General Layer 2 Interface CLI CommandsInterface Loopback Bandwidth X330WAN-2USP Interface context Default-metric Interface context Clear countersShow interfaces X330W-2USP-1super#clear counters Serial Output Example for X330W-2DS1 with PPP on both controllers 156 Avaya X330WAN User’s Guide Avaya X330WAN User’s Guide 157 158 Avaya X330WAN User’s Guide Avaya X330WAN User’s Guide 159 MTU Avaya X330WAN User’s Guide 161 CRC No snmp trap link-status Snmp trap link-status Layer 3 CLI Commands Arp timeoutRouter configure# arp 192.168.7.8 00400d8c2a01 No arp timeout seconds Clear arp-cache Clear fragmentFlush all ARP entries Flush ARP entries for a Vlan Clear ip route Clear ip traffic Default-metric Router-OSPF context Default-metric Router-RIP ModeDistribution-list Router-RIP Mode No default-metric default metric FabricFastEthernet Fragment chainNo fragment chain chain-limit Fragment timeout No fragment timeout timeoutFragment size No fragment size database-limit Ip admin-state Interface context Ip bootp-dhcp network Interface contextIp admin-state up/down Ip address Ip bootp-dhcp relay Ip bootp-dhcp server Interface contextNo ip bootp-dhcp relay No ip bootp-dhcp server ip-address Ip default-gateway X330WAN-2DS1-1configure#ip bootp-dhcp serverIp broadcast-address Interface context Ip broadcast-address bc addr Ip directed-broadcast Interface context Ip distribution access-default-actionNo ip directed-broadcast Ip distribution access-list Ip distribution access-list-cookieIp distribution access-list policy-list-number Ip distribution access-list-cookie list-id cookie Ip distribution access-list-name Ip distribution access-list-copyX330WAN-2DS1-1configure#ip distribution access-list-copy 1 Ip icmp-errors Ip distribution access-list-ownerIp max-arp-entries Ip netbios-rebroadcast Interface context No ip netbios-rebroadcast directionIp max-route-entries No ip max-route-entries value Ip netmask-format No ip netmask-format mask-format Ip ospf authentication-key Interface context Ip ospf cost Interface context Ip ospf hello-interval Interface Mode Ip ospf dead-interval Interface context Ip ospf router-id Ip ospf priority Interface ModeIp proxy-arp Interface context Ip rip authentication key Interface context Ip redirects Interface context Ip rip authentication mode Interface context Ip rip default-route-mode Interface context Ip rip poison-reverse Interface context Ip rip rip-version Interface contextNo ip rip poison-reverse Ip rip rip-version No ip rip send-receive-mode modedefault route metric Ip rip send-receive Interface contextIp rip split-horizon Interface context No ip rip split-horizon Ip routing Ip routeNo ip routing Ip routing-mode mode X330WAN-2DS1-1configure#ip routing-mode RtprimarymgmtIp routing-mode Interface context Ip vrrp Interface context Ip vrrp address Ip vrrp auth-keyNo ip vrrp vr-idaddress ip-address No ip vrrp vr-idauth-key key-string X330WAN-2DS1-1configure#ip vrrp 1 override addr owner Ip vrrp override addr ownerIp vrrp preempt No ip vrrp vr-idoverride addr owner Ip vrrp primary Ip vrrp priorityNo ip vrrp vr-idprimary ip-address No ip vrrp vr-idpriority pri-value Network Router-OSPF context Ip vrrp timerArea No ip distribution access-list access-list-number No ip distribution access-listNetwork Router-RIP context Redistribute Router-OSPF context PingNo redistribute protocol Redistribute Router-RIP context Router ospfRouter rip No router ospf Router vrrp Show fragmentNo router vrrp Show fragment Show ip distribution access-lists distribution-list-number Show ip distribution access-listsShow ip arp Show ip icmp Show ip interface Show ip interface brief Show ip interface brief Show ip ospf Show ip ospf databaseShow ip ospf Show ip ospf database Routerospf# show ip ospf database Show ip ospf interfaceShow ip ospf interface interface-name Show ip protocols Show ip ospf neighborShow ip protocols protocol MAC address Show ip reverse-arpNumber of bytes in the address to match Show ip route best-match Show ip routeDestination IP address Show ip route static Show ip route summary Show ip traffic Show ip traffic Show ip vrrp Show ip vrrp Show ip vrrp detail Show ip vrrp detail Timers basic Router-RIP context Timers spf Router-OSPF contextNo timers basic update invalid No timers spf spf-holdtime Policy CLI Commands Ip access-default-actionIp access-group Interface context Traceroute Ip access-list Ip access-list-cookie Ip access-list-copyIp access-list-cookie list-id cookie X330WAN-2DS1-1super#ip access-list-cookie 101 Ip access-list-dscp name Ip access-list-dscp operationIp access-list-dscp precedence X330WAN-2DS1-1super#ip access-list-dscp name 101 16 special Ip access-list-name Ip access-list-dscp trustX330WAN-2DS1-1super#ip access-list-name 101 morning Ip composite-op access Ip access-list-ownerX330WAN-2DS1-1super#ip access-list-owner 101 admin Ip composite-op dscp X330WAN-2DS1-1configure#ip composite-op dscp 101 17Ip composite-op name Ip composite-op notify Ip composite-op priority Ip simulate Interface context 192.67.85.12 Show ip access-group No ip composite-opSet qos policy-source Set qos policy-source source Show ip access-list-dscp Show ip access-listsX330WAN-2DS1-1configure#show ip access-group FastEthernet 1 X330WAN-2DS1-1configure#show ip access-list-dscp 101 Show ip access-list-summary Show ip access-lists detailsShow ip access-list-summary Show ip active-access-groups Show ip active-access-groupsShow ip composite-op Validate-group Interface context Error messages not displayed Interface Specifications DTE RTS+ Figure A.2 Avaya serial cable DTE X.21 Cable Console Pin Assignments X330WAN RJ-45 Pin Name Terminal Modem DB-9 Pin DB-25 Pin System Requirements Windows 95 or NT Windows 98, ME, or Running the Embedded Manager Figure B.1 The Welcome Installing the Java Plug-in Figure B.2 Web-based Manager Installing from the Avaya Site Installing from your Local Web Site Documentation and Online Help Software Download ITU-T Standards Compliance Ansi Standards ComplianceITU-T # Description RFC Standards Compliance RFC # Type Approval Standards Nebs Standards ComplianceCertification Description Safety Standards Compliance Electromagnetic Standards Compliance EMC Telecommunication Standards Compliance TBR13Page Emea Europe, Middle East, and Africa Region United StatesCountry Local Dial-In Number UAE AP Asia Pacific Region Cala Caribbean and Latin America Region 242 Avaya X330WAN User’s Guide