User's Manual
Configuring ACLs
75
NXA-ENET24 - Software Management Guide
Configuring a Standard IP ACL - Web
Specify the action (i.e., Permit or Deny). Select the address type (Any, Host, or IP).
If you select “Host,” enter a specific address. I
If you select “IP,” enter a subnet address and the mask for an address range. Then click Add.
Configuring a Standard IP ACL - CLI
This example configures one permit rule for the specific address 10.1.1.21 and another rule for the address
range 168.92.16.x – 168.92.31.x using a bitmask.
Configuring an Extended IP ACL
Command Attributes
FIG. 73 Web - Configuring Standard ACLs
FIG. 74 CLI - Configuring Standard ACLs
Command Attributes
• Action: An ACL can contain permit rules, deny rules or a combination of both.
• Default: Permit rules
• Source/Destination
Address Type:
Specifies the source or destination IP address.
Use “Any” to include all possible addresses, “Host” to specify a specific host
address in the Address field, or “IP” to specify a range of addresses with the
Address and SubMask fields.
• Options: Any, Host, IP
• Default: Any
• Source/Destination
IP Address:
Source or destination IP address.
• Source/Destination
Subnet Mask:
Subnet mask for source or destination address. (See the description for Sub-
Mask on page 74.)
• Service Type: Packet priority settings based on the following criteria:
• Precedence – IP precedence level. (Range: 0-7)
• TOS – Type of Service level. (Range: 0-15)
• DSCP – DSCP priority level. (Range: 0-64)
•Protocol: Specifies the protocol type to match as TCP, UDP or Others, where others indi-
cates a specific protocol number (0-255).
• Options: TCP, UDP, Others
• Default: TCP
• Source/Destination Port: Source/destination port number for the specified protocol type.
• Range: 0-65535