Anda di halaman 1dari 10

ACL introduction

MSAN Cai Xiaoli


xlcai@utstar.com

Course Organization

Day 1: IAN8K B1000 & xDSL introduction


Day 2: ICM3Ge & IGMP introduction
Day 3: ACL & QoS introduction
Day 4: Hands on
Day 5: Trouble shooting & Q&A

ACL introduction

Objectives:
Master IPADSL8A ACL configuration

ACL introduction

ACL : Access Control List


one of security features
configure on node level
up to 150 unique ACL rules on the module
assign to bridge port inband direction
up to six access-lists on each bridge port

ACL introduction

ACL rule :
MAC-address, IP address, TCP port, UDP port,
protocol type, etc,
ACL action:
Permit/deny

ACL introduction

ACL work flow :


packet

Access list configured

no

yes
no

Access list matched


yes

no

Action is permit
yes

Packet discard

Packet pass

ACL configuration

Configure steps:
1.Configure ACL profile
2.Assign ACL to bridge port

ACL configuration

Configure ACL profile


From the main menu, select [Profiles/Access List Profile]
Click Add to add ACL

ACL configuration

Assign ACL to bridge port


Select [Node/Shelf (x)/Slot (y): IPADSL8A/Access List]
Select bridge port
Click <Modify> to add ACL to the bridge port

Q&A

Q&A

10