Intel® NetStructure™ 6000 Switch

More documents

Recommendations

Info

C H A P T E R 5 Managing the Switch Adding a deny rule 1 Type acl add rule_number deny (source_address source_wildcard_mask)( destination_address destination_wildcard_mask) in privileged mode to add a deny rule. 6000 switch>#>acl add 1 deny 172.18.2.0 0.0.0.255 all 2 Type enable acl in privileged mode to activate ACL. Adding an end rule There are two rules that are always placed at the end of the list whether implied or explicitly added to the list. • Permit all all • Deny all all If the ACL is empty or an end rule has been omitted, the “deny all all” rule is implied. Moving a permit or deny rule 1 You can move an existing permit or deny rule from its current position to a new position within the rule list. Type acl move rule_number to rule_number to move a rule. 6000 switch>#>acl move 4 to 2 You cannot move an end rule or move any other rule to the end rule position. Note An end rule cannot be overwritten unless the target rule is itself an end rule. Modifying a rule You can modify existing rules. Type acl modify rule_number permit (source_address source_wildcard_mask)( destination_address destination_wildcard_mask.) to modify a permit rule. 6000 switch>#>acl modify 5 permit 172.18.1.3 host 172.18.3.0 0.0.0.3 Note You cannot modify an existing rule with an end rule unless the existing rule itself is an end rule. 190
C H A P T E R 5 Intel® NetStructure 6000 Switch User Guide Deleting a rule 1 Type acl del rule_number to delete a rule. 6000 switch>#>acl del 1 2 Type acl del all to delete all of the rules. 6000 switch>#>acl del all Displaying the rule list Type acl print rules to display the existing list of rules. IP Access Control Sample Configuration Collections IntelSwitch> 6000 Switch Hospital Billing Admissions Network Manager 192.168.1.2 IntelSwitch> 192.168.1.3 IntelSwitch> 192.168.1.4 1 6 VLAN 1: 192.168.1.1 2 3 Rule 3,6 Rule 1,4 Rule 2,4 Rule 3,4 4 VLAN 2: 5 192.168.2.1 VLAN 3: 192.168.3.1 7 Rule 5 192.168.3.2 192.168.3.3 Patient Records IntelSwitch> Radiology Department IntelSwitch> 192.168.2.2 192.168.2.3 For example, the diagram of a hospital network displays how IP filtering might be used in a typical network. Seven ports on the switch are being used to connect two servers and five workstations. The network has been divided into three subnets. • Subnet 1, the finance department, includes collections, admissions and the network manager. • Subnet 2 is the radiology department. • Subnet 3 is the computer room and includes all of the shared resources that need to be protected. The following access rules are required in this network: • Collections can access the billing server only. • Admissions can access both the billing and patient records servers. 191
Page 1 and 2:
Intel® NetStructure 6000 Switch Us
Page 3 and 4:
Contents Using the Switch 5 Unpacki
Page 5:
Contents Intel® NetStructure 6000
Page 8 and 9:
C H A P T E R 1 Intel® NetStructur
Page 10 and 11:
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 123 and 124:
Using Local Management Topic See Pa
Page 125 and 126:
C H A P T E R 4 Using Local Managem
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142: C H A P T E R 4 Using Local Managem
Page 147 and 148: Managing the Switch Topic See Page
Page 149 and 150: C H A P T E R 5 Intel® NetStructur
Page 191: C H A P T E R 5 Intel® NetStructur
Page 213 and 214: $ Appendix A: Command Reference
Page 215 and 216: A P P E N D I X A Intel® NetStruct
Page 243 and 244:
A P P E N D I X A Intel® NetStruct
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305:
Page 308 and 309:
A P P E N D I X B GateD Reference T
Page 310 and 311:
A P P E N D I X B GateD Reference m
Page 312 and 313:
A P P E N D I X B GateD Reference C
Page 314 and 315:
A P P E N D I X B GateD Reference A
Page 316 and 317:
A P P E N D I X B GateD Reference C
Page 318 and 319:
A P P E N D I X B GateD Reference c
Page 320 and 321:
A P P E N D I X B GateD Reference S
Page 322 and 323:
A P P E N D I X B GateD Reference R
Page 324 and 325:
A P P E N D I X B GateD Reference l
Page 326 and 327:
A P P E N D I X B GateD Reference m
Page 328 and 329:
Support Services Intel offers a ran
Page 330 and 331:
A P P E N D I X C Intel® NetStruct
Page 332 and 333:
A P P E N D I X C Technical Informa
Page 335 and 336:
, Index Symbols ? command 218 Numer
Page 337 and 338:
I N D E X Intel® NetStructure 6000
Page 339 and 340:
Page 341 and 342:
Page 343 and 344:
Page 345:
show all

Intel® NetStructure™ 6000 Switch

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?