6.4.6 Configuring Common Access Lists
This section provides examples of the most common ACLs used when configuring a network. Change the IP addresses in the following examples to match your network; placeholders in angle brackets, such as <Internet-routable subnet> and <primary DNS server>, must be replaced with an address and wildcard mask (for example 203.0.113.0 0.0.0.255) or a host address before the command is entered. All of the examples add entries to the same extended access list, 110. Entries are evaluated in the order they are entered and the first matching entry decides the packet's fate, so the order of the commands below matters; a packet that matches no entry is dropped by the implicit deny at the end of the list.
The following example shows denying packets whose source address is a special-use address that should never arrive from outside: the loopback range, the TEST-NET documentation range, the multicast range (224.0.0.0 with wildcard 31.255.255.255 covers 224.0.0.0 through 255.255.255.255) and the limited broadcast address. Packets with these sources are almost always spoofed, so they are denied before any permit entry.
Switch(config)# access-list 110 deny ip 127.0.0.0 0.255.255.255 any
Switch(config)# access-list 110 deny ip 192.0.2.0 0.0.0.255 any
Switch(config)# access-list 110 deny ip 224.0.0.0 31.255.255.255 any
Switch(config)# access-list 110 deny ip host 255.255.255.255 any
The following example shows explicitly permitting ICMP. Because the first entry matches all ICMP traffic, the two entries after it are never reached; keep the first entry alone if all ICMP is to be permitted. The second entry is also incomplete as shown: on Cisco-style CLIs the tos keyword must be followed by a type-of-service value, so the command is rejected unless that value is supplied.
Switch(config)# access-list 110 permit icmp any any
Switch(config)# access-list 110 permit icmp any any tos
Switch(config)# access-list 110 deny icmp any any
The following example shows explicitly permitting UDP with a destination port equal to 53 (DNS), from any source to any destination. Note that this broad entry also matches every DNS query covered by the more specific DNS entries later in this section, so those entries take effect only if this one is omitted.
Switch(config)# access-list 110 permit udp any any eq 53
The following example shows explicitly permitting legitimate business traffic: return traffic of TCP sessions that were initiated from the Internet-routable subnet, and UDP replies from well-known service ports (1 to 1023) to ephemeral ports above 1023. The established keyword matches TCP segments that have the ACK or RST flag set, so a new connection's initial SYN from outside does not match it. Because only flags are examined, not connection state, a remote host can still send unsolicited ACK segments through this entry (an ACK scan); the deny entries for spoofed sources above must therefore stay ahead of it.
Switch(config)# access-list 110 permit tcp any <Internet-routable subnet> established
Switch(config)# access-list 110 permit udp any range 1 1023 <Internet-routable subnet> gt 1023
The following example shows explicitly permitting FTP data connections. In active-mode FTP the server opens the data connection from its source port 20 to a port above 1023 on the client, so this entry matches on the source port. Any host can set its source port to 20, so this entry admits arbitrary TCP connections to high ports on the subnet and should be used only where active-mode FTP is actually required.
Switch(config)# access-list 110 permit tcp any eq 20 <Internet-routable subnet> gt 1023
The following example shows explicitly permitting TFTP data and multimedia connections, which use UDP from a port above 1023 to a port above 1023. This is a wide entry: it permits any UDP traffic between high ports to the subnet, so the subnet wildcard mask should be kept as narrow as possible.
Switch(config)# access-list 110 permit udp any gt 1023 <Internet-routable subnet> gt 1023
The following example shows explicitly permitting incoming DNS queries: UDP from any source port above 1023 to port 53 on the primary DNS server only.
Switch(config)# access-list 110 permit udp any gt 1023 host <primary DNS server> eq 53
The following example shows explicitly permitting DNS zone transfers from the secondary DNS server to the primary DNS server. Zone transfers use TCP port 53, and restricting the source to the secondary server's host address keeps other hosts from pulling a copy of the zone.
Switch(config)# access-list 110 permit tcp host <secondary DNS server> gt 1023 host <primary DNS server> eq 53
The following example shows explicitly permitting older DNS zone transfers, where the secondary server also uses source port 53 rather than an ephemeral port.
Switch(config)# access-list 110 permit tcp host <secondary DNS server> eq 53 host <primary DNS server> eq 53
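The following Python program is an added example and is not part of the Asante manual or the switch's own software. It implements first-match evaluation of extended access-list entries in the syntax used in this section (address and wildcard mask, host, any, the eq/gt/lt/neq/range port operators and established), so that the ordering effects described above can be checked offline before the list is applied. The placeholder values are assumptions chosen for the example: the Internet-routable subnet is 203.0.113.0 0.0.0.255, the primary DNS server is 203.0.113.10 and the secondary DNS server is 203.0.113.11 (all from the TEST-NET-3 documentation range); the incomplete tos entry is left out. The sample packets at the end are constructed for the demonstration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str              # "permit" or "deny"
    proto: str               # "ip" (any protocol), "tcp", "udp" or "icmp"
    src: tuple               # (address, wildcard) as 32-bit integers
    sport: Optional[tuple]   # ("eq", 53), ("gt", 1023), ("range", 1, 1023) or None
    dst: tuple
    dport: Optional[tuple]
    established: bool        # TCP only: match only if ACK or RST is set
    text: str


@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    sport: int = 0
    dport: int = 0
    ack: bool = False        # TCP ACK or RST flag present


def _addr(tokens, i):
    """Parse 'any', 'host A' or 'A WILDCARD' starting at tokens[i]."""
    if tokens[i] == "any":
        return (0, 0xFFFFFFFF), i + 1
    if tokens[i] == "host":
        return (int(ipaddress.IPv4Address(tokens[i + 1])), 0), i + 2
    net = int(ipaddress.IPv4Address(tokens[i]))
    wild = int(ipaddress.IPv4Address(tokens[i + 1]))
    return (net, wild), i + 2


def _port(tokens, i):
    """Parse an optional port operator starting at tokens[i]."""
    if i < len(tokens) and tokens[i] in ("eq", "gt", "lt", "neq"):
        return (tokens[i], int(tokens[i + 1])), i + 2
    if i < len(tokens) and tokens[i] == "range":
        return ("range", int(tokens[i + 1]), int(tokens[i + 2])), i + 3
    return None, i


def parse_rule(line):
    t = line.split()
    if t[:1] == ["access-list"]:
        t = t[2:]                      # drop "access-list <number>"
    action, proto = t[0], t[1]
    src, i = _addr(t, 2)
    sport, i = _port(t, i)
    dst, i = _addr(t, i)
    dport, i = _port(t, i)
    established = t[i:] == ["established"]
    if t[i:] and not established:
        raise ValueError("unsupported trailing tokens: " + " ".join(t[i:]))
    return Rule(action, proto, src, sport, dst, dport, established, line.strip())


def parse_acl(text):
    return [parse_rule(l) for l in text.strip().splitlines() if l.strip()]


def _addr_match(addr, spec):
    net, wild = spec
    a = int(ipaddress.IPv4Address(addr))
    # wildcard bits set to 1 are "don't care"; all other bits must equal the rule's address
    return ((a ^ net) & ~wild & 0xFFFFFFFF) == 0


def _port_match(port, spec):
    if spec is None:
        return True
    op = spec[0]
    if op == "eq":
        return port == spec[1]
    if op == "neq":
        return port != spec[1]
    if op == "gt":
        return port > spec[1]
    if op == "lt":
        return port < spec[1]
    return spec[1] <= port <= spec[2]  # range


def evaluate(acl, pkt):
    """Return (action, 1-based index of the first matching entry); (deny, 0) is the implicit deny."""
    for n, r in enumerate(acl, 1):
        if r.proto != "ip" and r.proto != pkt.proto:
            continue
        if not (_addr_match(pkt.src, r.src) and _addr_match(pkt.dst, r.dst)):
            continue
        if r.proto in ("tcp", "udp") and not (
                _port_match(pkt.sport, r.sport) and _port_match(pkt.dport, r.dport)):
            continue
        if r.established and not pkt.ack:
            continue
        return r.action, n
    return "deny", 0


# ACL 110 from this section with the assumed placeholder values substituted.
ACL_110 = parse_acl("""
access-list 110 deny ip 127.0.0.0 0.255.255.255 any
access-list 110 deny ip 192.0.2.0 0.0.0.255 any
access-list 110 deny ip 224.0.0.0 31.255.255.255 any
access-list 110 deny ip host 255.255.255.255 any
access-list 110 permit icmp any any
access-list 110 deny icmp any any
access-list 110 permit udp any any eq 53
access-list 110 permit tcp any 203.0.113.0 0.0.0.255 established
access-list 110 permit udp any range 1 1023 203.0.113.0 0.0.0.255 gt 1023
access-list 110 permit tcp any eq 20 203.0.113.0 0.0.0.255 gt 1023
access-list 110 permit udp any gt 1023 203.0.113.0 0.0.0.255 gt 1023
access-list 110 permit udp any gt 1023 host 203.0.113.10 eq 53
access-list 110 permit tcp host 203.0.113.11 gt 1023 host 203.0.113.10 eq 53
access-list 110 permit tcp host 203.0.113.11 eq 53 host 203.0.113.10 eq 53
""")


def demo():
    """Constructed sample packets and the (action, entry) each one hits."""
    samples = {
        "spoofed loopback source":   Packet("tcp", "127.0.0.1", "203.0.113.5", 40000, 80, ack=True),
        "multicast source":          Packet("udp", "239.255.255.250", "203.0.113.5", 1900, 1900),
        "ICMP echo (deny is dead)":  Packet("icmp", "198.51.100.7", "203.0.113.5"),
        "TCP return traffic":        Packet("tcp", "198.51.100.7", "203.0.113.5", 443, 51000, ack=True),
        "inbound SYN to web port":   Packet("tcp", "198.51.100.7", "203.0.113.5", 51000, 80),
        "DNS query (broad rule wins)": Packet("udp", "198.51.100.7", "203.0.113.10", 53000, 53),
        "zone transfer":             Packet("tcp", "203.0.113.11", "203.0.113.10", 40000, 53),
        "active FTP data":           Packet("tcp", "198.51.100.7", "203.0.113.5", 20, 51000),
    }
    return {name: evaluate(ACL_110, p) for name, p in samples.items()}


if __name__ == "__main__":
    for name, (action, n) in demo().items():
        print(f"{name:30s} -> {action} by entry {n or 'implicit deny'}")
```

Running the program shows the ordering effects directly: the ICMP echo is permitted by entry 5 and the deny in entry 6 is never consulted, the DNS query to the primary server is matched by the broad entry 7 rather than the host-specific entry 12, an unsolicited SYN to port 80 falls through to the implicit deny, and a segment with source port 20 is admitted to any high port by the FTP data entry.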
64 Asante IntraCore IC36240 User’s Manual