Procedure 14-1: Provision access control lists

- Overview

Use this procedure to specify IP and/or MAC addresses authorized to access the network resources.

Access control lists ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources.

- IP access control list guidelines

The following guidelines and rules apply to IP access control lists (ACLs).

  • IP ACL configuration for IP packet fragments is not supported.

  • A maximum of 100 ACLs can be created, regardless of type.

  • The maximum number of rules per IP ACL is hardware dependent.

  • Wildcard masking for ACLs operates differently from subnet masking. A wildcard mask is the inverse of a subnet mask. In a subnet mask, ones (1s) are in the bit positions that are used for the network address, and zeros (0s) are in the bit positions that are not used. In a wildcard mask, zeros (0s) are in the bit positions that must be checked, and ones (1s) are in the bit positions of the ACL mask that can be ignored.
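
The wildcard-mask rule above, worked through as an added example (not part of the original procedure or the product's own code). It inverts a subnet mask into a wildcard mask, evaluates which addresses a rule matches, and shows what a rule matches when a subnet mask is entered by mistake where a wildcard mask is expected. The function names and sample addresses are constructed for illustration.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 32 one-bits, used to invert an IPv4 mask


def to_int(dotted):
    """Convert a dotted-quad IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_subnet(subnet_mask):
    """Invert a subnet mask to obtain the equivalent wildcard mask."""
    return str(ipaddress.IPv4Address(to_int(subnet_mask) ^ ALL_ONES))


def acl_match(address, rule_address, wildcard):
    """Compare only the bit positions where the wildcard mask holds a 0."""
    checked_bits = to_int(wildcard) ^ ALL_ONES
    return (to_int(address) & checked_bits) == (to_int(rule_address) & checked_bits)


def audit(rule_address, wildcard, samples):
    """Return the sample addresses that a rule would match."""
    return [a for a in samples if acl_match(a, rule_address, wildcard)]


# Constructed sample addresses, not taken from any real network.
SAMPLES = ["192.168.10.5", "192.168.10.200", "192.168.11.5", "10.0.0.5", "10.0.0.0"]

if __name__ == "__main__":
    wildcard = wildcard_from_subnet("255.255.255.0")
    print("wildcard for 255.255.255.0:", wildcard)

    # Intended rule: every host in 192.168.10.0/24.
    print("correct wildcard matches:", audit("192.168.10.0", wildcard, SAMPLES))

    # Mistake: subnet mask typed as the wildcard. Only the last octet is
    # checked, so the rule matches any address ending in .0 and none of
    # the intended hosts.
    print("subnet mask as wildcard matches:",
          audit("192.168.10.0", "255.255.255.0", SAMPLES))
```

Running a check like this over planned rules before submitting them makes an inverted mask visible as an unexpected match set rather than as unexplained traffic behavior later.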

- MAC access control list guidelines

The following guidelines and rules apply to MAC access control lists (ACLs).

  • The maximum number of ACLs that can be created is 100, regardless of type.

  • The system supports only Ethernet II frame types.

  • The maximum number of rules per MAC ACL is hardware dependent.

- Before you begin

Obtain the work instructions for this procedure.

Step
 
1

Log in to the VLNC4x circuit pack being provisioned.


2

  • If configuring an IP access control list, then from the Navigation menu, select QoS → IP Access Control Lists → Configuration.

  • If configuring a MAC access control list, then from the Navigation menu, select QoS → MAC Access Control Lists → Configuration.

Result:

The ACL Configuration screen appears.


3

Enter the required parameters, then click Submit.


4

If required, provision the rules that are to be associated with the access control list.

Result:

Procedure 14-2: Provision access control list rules


5

If required, assign the access control list to an Ethernet interface.

Result:

Procedure 14-3: Assign access control list to Ethernet interface


End of steps

Copyright © 2011 Alcatel-Lucent. All rights reserved.