Chapter 9
Cajun P550/P880/P882 Switch User Guide
Configuring Access Lists
Access Control Lists, also referred to as Access Lists, contain rules
that forward or deny data to and through the switch. By configuring
Access Lists, you can:
■ Prioritize the transmission of frames within the switch.
■ Filter out specific or general network transmissions (for
example, all traffic from a particular subnet to the switch).
When you create an Access List, you create a series of rules that
describe how data is forwarded or filtered within the switch. You
can assign up to eight levels of priority to routed data.
Standard Access Lists support the conversion to the web agent of
Cisco scripts that contain access lists. Extended access lists enable the
switch to filter or deny information between two specified subnets
via specific protocols, such as the Transmission Control Protocol
(TCP) and the User Datagram Protocol (UDP), and specified ranges
of ports.
* Note: Access rules are searched in order of priority from first to
last. During this search, the first rule that matches the
frame is applied. If no rule is matched to a frame, then
the frame is forwarded with normal priority. You cannot use
Access Lists to filter traffic destined to the switch’s CPU.
There is an implied permit all at the end of the list.
Also, you can only have one list active at a time.
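The search order in the note above, modelled as an added Python example (not code from this guide or from the switch): the first matching rule is applied, unmatched frames fall through to the implied permit, and a rule placed after a broader rule is never reached. The rule model (an action plus a source subnet in CIDR form), the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    action: str   # "forward" or "deny" (constructed model, not switch syntax)
    source: str   # source subnet in CIDR form (assumed match criterion)

def evaluate(rules, src_ip):
    """Search rules first to last; the first rule that matches is applied."""
    addr = ipaddress.ip_address(src_ip)
    for index, rule in enumerate(rules):
        if addr in ipaddress.ip_network(rule.source):
            return rule.action, index
    # No rule matched: implied permit all, frame forwarded with normal priority.
    return "forward", None

def shadowed_rules(rules):
    """Return (later, earlier) index pairs where the later rule can never match
    because an earlier rule already covers its whole source subnet."""
    nets = [ipaddress.ip_network(r.source) for r in rules]
    return [(later, earlier)
            for later in range(len(nets))
            for earlier in range(later)
            if nets[later].subnet_of(nets[earlier])]

def has_explicit_deny_all(rules):
    """True if some deny rule covers every source, so that unmatched traffic
    is dropped instead of reaching the implied permit."""
    return any(r.action == "deny"
               and ipaddress.ip_network(r.source).prefixlen == 0
               for r in rules)

# Constructed sample list: rule 1 is meant to block one subnet, but rule 0
# matches those frames first and forwards them.
SAMPLE_RULES = [
    Rule("forward", "10.1.0.0/16"),
    Rule("deny", "10.1.5.0/24"),
    Rule("deny", "192.168.7.0/24"),
]

if __name__ == "__main__":
    for ip in ("10.1.5.9", "192.168.7.20", "172.16.0.1"):
        print(ip, evaluate(SAMPLE_RULES, ip))
    print("shadowed:", shadowed_rules(SAMPLE_RULES))
    print("explicit deny all:", has_explicit_deny_all(SAMPLE_RULES))
```

Placing the narrower deny rule ahead of the broader forward rule makes it reachable; a list that must drop everything it does not name needs its own final deny rule, since the implied rule here is a permit.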
Creating Standard Access Rules
To create standard access rules:
1. Select Access Lists from the Routing > IP > Configuration
group on the web agent window. The IP Access List dialog
box opens (Figure 9-5).
* Note: The IP Access List dialog box displays all
standard and extended access rules that have
been created. If no rules have been created, the
following statement displays: No IP Access
Rules are currently configured.
* Note: Due to its size, Figure 9-5 shows the Access List
dialog box split into two separate sections.