Views
3 years ago

IC36240 User's Manual - Asante

IC36240 User's Manual - Asante

6.4.6 Configuring Common

6.4.6 Configuring Common Access Lists This section provides examples the most common ACLs used when configuring a network. Change the IP addresses in the following examples when using them in your network. The following example shows denying special-use address sources. Switch(config)# access-list 110 deny ip 127.0.0.0 0.255.255.255 any Switch(config)# access-list 110 deny ip 192.0.2.0 0.0.0.255 any Switch(config)# access-list 110 deny ip 224.0.0.0 31.255.255.255 any Switch(config)# access-list 110 deny ip host 255.255.255.255 any The following example shows explicitly permitting ICMP. Switch(config)# access-list 110 permit icmp any any Switch(config)# access-list 110 permit icmp any any tos Switch(config)# access-list 110 deny icmp any any The following example shows explicitly permitting UDPs with an operator equal to 53. Switch(config)# access-list 110 permit udp any any eq 53 The following example shows explicitly permitting legitimate business traffic. Switch(config)# access-list 110 permit tcp any any Internet-routable established Switch(config)# access-list 110 permit udp any range 1 1023 Internet-routable subnet gt 1023 The following example shows explicitly permitting ftp data connections. Switch(config)# access-list 110 permit tcp any any eq 20 Internet-routable subnet gt 1023 The following example shows explicitly permitting tftp data and multimedia connections. Switch(config)# access-list 110 permit udp any any gt 1023 Internet-routable subnet gt 1023 The following example shows explicitly permitting incoming DNS queries. Switch(config)# access-list 110 permit udp any any gt 1023 host eq 53 The following example shows explicitly permitting zone transfer DNS queries to primary DNS server. Switch(config)# access-list 110 permit tcp host secondary DNS server gt 1023 host primary DNS server eq 53 The following example shows explicitly permitting older DNS zone transfers. Switch(config)# access-list 110 permit tcp host secondary DNS server eq 53 host primary DNS server eq 53 64 Asante IntraCore IC36240 User’s Manual

The following example shows explicitly denying all other DNS traffic. Switch(config)# access-list 110 deny udp any any eq 53 Switch(config)# access-list 110 deny tcp any any eq 53 The following example shows explicitly permitting internet-sourced connections to publicly accessible servers. Switch(config)# access-list 110 permit tcp any host public web server eq 80 Switch(config)# access-list 110 permit tcp any host public web server eq 443 Switch(config)# access-list 110 permit tcp any host public FTP server eq 21 The following example shows explicitly permitting public SMTP connections to the FTP server. Switch(config)# access-list 110 permit tcp any gt 1023 host public FTP server gt 1023 Switch(config)# access-list 110 permit tcp any host public SMTP server eq 25 The following example shows explicitly denying all other traffic. access-list 101 deny ip any any 65 Asante IntraCore IC36240 User’s Manual

EFM User Manual - CTC Union Technologies Co.,Ltd.
EAP350 User Manual - EnGenius Technologies
FMUX01A/Plus User Manual - Products
Rovio User manual - WowWee
User's Manual for FH316 Dual Speed hub - Asante
IMBA-Q454-R10 User Manual - iEi
BRC-64 User Manual
User Manual - Busse Yachtshop
sinaCAM User Manual
BGAN User Manual - mcomnet.co.uk
SDHTU03-SNMP-NTU User Manual - CTC Union Technologies Co ...
Table of Contents D-Link DSL-2730U User Manual 1
ET100/NRZ User Manual - CTC Union Technologies Co.,Ltd.
user manual explorer™ 300 - Intermatica
Complete User Manual - Sears Connect
ECB150 User Manual - EnGenius Technologies