Chapter 11 Layer 3 QoS

Access List Configuration

Dynamic—Defines the selected access list to be dynamic. Dynamic access lists grant access per user to a specific source or destination host through a user authentication process. You can allow user access through a firewall dynamically, without compromising security restrictions.

Dynamic List

Name—Defines a name for the dynamic list (only available if Dynamic button is selected).

Time Out—Specifies the absolute length of time (in minutes) that a temporary access list entry can remain in a dynamic access list. The default (0) is an infinite length of time and allows an entry to remain permanently (only available if Dynamic button is selected).

Source and Destination

The Source and Destination areas contain the following fields:

Host Type—Indicates the hosts for which the access action are available. Possible values for this field include the following:

Any—All hosts

A.B.C.D—Specified IP address with wild card bits

Host Hostname—Only the specified hostname

Host A.B.C.D—Only the specified IP address

Host Name—Name of the host (or source of the packet) for which the access action is applicable.

IP Address—IP address of the host (or source of the packet) for which the access action is applicable.

Wild Card—If the access action is applicable for more than one host, then this field should be used as a mask. For example, the wild card 255.255.255.255 effectively represents any.

Port Criteria—Criteria to be applied on the specified port (interface) number. Possible values are as follows:

None—Port number is insignificant

Equal To—Equal to the port number

Not Equal To—Not equal to the port number

Greater Than—Greater than the port number

Less Than—Less than the port number

Range—Port number range

Port

The Port sub-area in the Source and Destination areas contains the following fields:

Number—Port (interface) number from/to where the packet is sent or destined.

Range—Defines which port (interface) numbers will be allowed through this filter.

 

 

Cisco 12000/10700 v3.1.1 Router Manager User Guide

 

 

 

 

 

 

OL-4455-01

 

 

11-17

 

 

 

 

 

Page 302 Page 304
Page 303
Image 303
Cisco Systems 12000/10700 V3.1.1 manual Dynamic List, Source and Destination, Port, 11-17
Page 302 Page 304
Top Page Image Contents