CHAPTER 2. Packet Filtering
230
© SAMSUNG Electronics Co., Ltd.
MAC filtering is supported on inbound packets only. MAC filtering can be
applied to:
y
Source MAC and source mask addresses
y
Destination MAC and destination mask addresses
y
Ethernet type
y
Class of Service(CoS)
y
VLAN ID
Example: Blocking Telnet Access
Consider a Ubigate iBG2016 connected via a bundle ‘WAN1’(wan IP address
200.1.1.1) to an ISP, with Ethernet 0/1(IP address 222.199.19.3) connected to
the internal network. The network administrator wants to completely block
Telnet access to the Ubigate iBG2016 from all external networks as well as
from all internal networks except 222.199.19.0/28. All other TCP/IP traffic,
such as FTP, Ping, and HTTP, is to flow unrestricted through the Ubigate
iBG2016.
Configure the Ubigate iBG2016
Router# configure term
Router/configure# ip access-list filtera
Router/configure/ip/access-list filtera# add deny tcp any
200.1.1.1 dport =23
Router/configure/ip/access-list# add permit tcp
222.199.19.0/28 222.199.19.3 dport =23
Router/configure/ip/access-list# add deny tcp any
222.199.19.3 dport=23
Router/configure/ip/access-list# add permit ip any any
Router/configure/ip/access-list# end
Router# save local
Содержание Ubigate iBG2016
Страница 1: ......
Страница 16: ...INTRODUCTION XIV SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 34: ......
Страница 42: ...CHAPTER 1 Basic Configuration 8 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 62: ...CHAPTER 4 System Logging 28 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 70: ......
Страница 108: ......
Страница 126: ...CHAPTER 1 Layer 2 Switching 90 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 140: ...CHAPTER 4 RIP 104 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 156: ...CHAPTER 6 BGP 120 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 176: ...CHAPTER 7 MultiCast Protocols 140 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 180: ...CHAPTER 8 VRRP 144 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 264: ...CHAPTER 10 QoS 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 270: ...CHAPTER 11 VLAN forwarding with QoS 234 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 272: ......
Страница 278: ...CHAPTER 1 Authentication Authorization Accounting 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 298: ...CHAPTER 3 Firewall NAT 248 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 356: ...CHAPTER 5 IPSEC 306 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 358: ......
Страница 390: ...CHAPTER 2 VoIP Gateway Management 336 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 514: ...CHAPTER 4 H 323 Gateway Management 460 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 670: ...CHAPTER 8 Routing and Digit Manipulation 616 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 744: ...EQBD 000071 Ed 00 ...