[e-nsp] extreme ware ACLs..
Marcin Kuczera
marcin at leon.pl
Wed Apr 7 09:23:44 EDT 2010
hello,
could anyone help me with understanding extreme ware access lists ???
There is a case, that a single IP address should be locked on a physical
port (hosting purpose).
There is a host (.3) and gateway (.1)
create access-mask ip_addr_mask ip-protocol dest-ip / 32 source-ip / 32
ports precedence 2000
create access-list test-list ip_addr_mask dest-ip 172.20.0.3/32
source-ip 172.20.0.1/32 deny
ERROR: ACL: Entry test-list has fields that does not match with the
fields of access-mask ip_addr_mask.
ERROR: ACL: Cannot add rule test-list (reason: validation failed).
What is wrong ?
Regards,
Marcin
Book example looks like that:
create access-mask ip_addr_mask ip-protocol dest-ip/32 source-ip/32
ports precedence 20000
create access-list tcp1_2 ip_addr_mask ip-protocol tcp dest-ip
10.10.20.100/32
source-ip 10.10.10.100/32 ports 2 permit qp1
create access-list tcp2_1 ip_addr_mask ip-protocol tcp dest-ip
10.10.10.100/32
source-ip 10.10.20.100/32 ports 10 permit qp1
More information about the extreme-nsp
mailing list