Filter
Top Products
Advanced Configuration and Management Guide
Filtering AppleTalk Zones and Networks
Defining Zone Filters
Zone filtering allows you to define access for a network and its nodes by entering single permit or deny CLI
commands, instead of defining an access list for each node independently.
By eliminating the need to enter separate numbers for each device or network segment, zone filters improve
overall system administration of an AppleTalk network. For example, if a new device such as a server or laser
printer is added to an existing zone, all users in that zone automatically have access to that device without any
additional configuration.
Additionally, zone filters help eliminate unauthorized access to devices within restricted zones. As new devices
are added to secured zones, information on those devices is protected automatically.
Apple
Server
Port 13Port 1 Port 15
Apple
Server
Port 10 Port 14
...
AppleTalk
...
AppleTalk
...
Port 3
Finance
Zone
...
100.50
200.50 300.50
AppleTalk
400.50
Network 500
Network 600
Marketing Zone
FieldService Zone
AppleTalk Addresses Assigned to Ports
Port 1 = 200.50
Port 3 = 100.50
Port 10 =
Port 13 = 300.50
Port 14 = 500.50
Port 15 = 400.50
500.50600.50
Network 300
Network 400
Network 200
600.50
FieldService
Zone
Marketing
Zone
Figure 15.2 AppleTalk zones in a network
EXAMPLE:
Suppose you want to deny access to the Finance server to users within the Marketing and Field Service zones on
the network, as shown in
Figure 15.2. To define a zone filter for this, use one of the following methods.
15 - 10