Add/Edit IP ACL

Configuration > Classification > IP ACL > Add/Edit ACL

This dialog box displays a list of IP Access Control Entries (ACEs). From here, you can launch dialog boxes to add, edit, or delete IP ACEs.

To view the definition for a particular MIB variable, click the appropriate link from the following list:

The following list specifies buttons in this dialog box, as well as their function:


ACL Name (caqIpAclName)

The name of an Access Control List. The name is unique throughout all of the ACL tables that refer to the list which the entry belongs to in the device.


Source IP (caqIpAceSrcIp)

The specified source IP address.


Protocol Type (caqIpAceProtocolType)

The protocol number field used to indicate the higher layer protocol in the IP header, as specified in RFC 1700. The values range from 0 to 255, where a value of "0" matches every IP packet.


Source IP Mask (caqIpAceSrcIpMask)

The specified source IP address mask.


Source Ports (caqIpAceSrcPort)

The source port number of the TCP or UDP protocol. Values can range from 0 to 65,535.


Destination IP (caqIpAceDestIp)

The specified destination IP address.


Destination Mask (caqIpAceDestIpMask)

The specified destination IP address mask.


Destination Ports (caqIpAceDestPort)

The destination port number of the TCP or UDP protocol. Values can range from 0 to 65,535.


The following table outlines which policy types are supported by the IP, IPX, and MAC interfaces on Sup1 and Sup2 supervisor cards.

Table 1: Policy Types Supported

Policy Type

Sup1 Card

Sup2 Card

IP

IPX

MAC

IP

IPX

MAC

Micro Flow

Yes

No

No

Yes

No

No

Aggregate Flow

Yes

Yes

Yes

Yes

Yes

Yes

No Trust

Yes

Yes

Yes

Yes

No

No

Trust CoS

Yes

Yes

Yes

Yes

Yes

Yes

DSCP

Yes

No

No

Yes

No

No

IP Prec

Yes

No

No

Yes

No

No