VoiceFinder AP2120 VoIP Gateway User’s Guide Version 1.00
AddPac Technology Co., Ltd. -
103 -
[Example] Extended Access-List Configuration and Usage
router (config)# ☞ In this mode, Access-list Config is possible.
router (config)# access-list 31 deny tcp 140.1.1.0 0.0.0.255
145.1.1.0 0.0.0.255 eq ftp
☞ Denies all TCP packets accessing
to the host whose destination address is “145.1.1.0/24Bit” from
“140.1.1.0/24bit” of the source address through the ftp port.
router (config)# access-list 31 deny tcp 140.1.1.0 0.0.0.255
145.1.1.0 0.0.0.255 eq ftp-data
☞ Denies all TCP packets
accessing to the host whose destination is “145.1.1.0/24Bit” from
“140.1.1.0/24bit” of the source address through the ftp-data port.
router (config)# access-list 31 permit tcp 140.1.1.0
0.0.0.255 145.1.1.0 0.0.0.255 eq ftp establish
☞ Permits only
packets whose sessions are set already among the TCP packets
accessing to the host whose destination is “145.1.1.0/24Bit” from
“140.1.1.0/24bit” of the source address through the ftp port.
router (config)# access-list 31 permit ip any any ☞ Permits
all IP packets except those matching conditions above.
router (config)# interface Ethernet 0 0 ☞ Enters into the
configuration mode of the interface Ethernet 0.0
router(config-ether0.0)# ip ☞ Enters into ip configuration
mode.
router (config-ether0.0)# ip access-group 31 in ☞ Applies
the Access-List 31 that has been set for all IP packets incoming
through the Ethernet 0.0 interface.
router (config-ether0.0)# end
router # show access-list 31
☞ Shows the Access-List 31 that
has been set.
Extended Access List (Index = 31)
1 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255
2 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255 eq
ftp-data
3 : deny tcp 140.1.1.0 0.0.0.255 145.1.1.0 0.0.0.255 eq ftp
established
Comments to this Manuals