Table of Contents
Advertisement
6 - 28 WiNG 5.5 Access Point System Reference Guide
Network Service Alias
Source Port
Destination Port
ICMP Type
ICMP Code
Start VLAN
End VLAN
Protocol
Mark
Log
Enabled
Description
The service alias is a set of configurations consisting of protocol and port mappings. Both
source and destination ports are configurable. Set an alphanumeric service alias
(beginning with a $ character and containing one special character) and include the
protocol as relevant. Selecting either tcp or udp displays an additional set of specific TCP/
UDP source and destinations port options.
If using either tcp or udp as the protocol, define whether the source port for incoming IP
ACL rule application is any, equals or an administrator defined range. If not using tcp or
udp, this setting displays as N/A. This is the data local origination virtual port designated
by the administrator. Selecting equals invokes a spinner control for setting a single
numeric port. Selecting range displays spinner controls for Low and High numeric range
settings. A source port cannot be a destination port.
If using either tcp or udp as the protocol, define whether the destination port for incoming
IP ACL rule application is any, equals or an administrator defined range. If not using tcp or
udp, this setting displays as N/A. This is the data local origination virtual port designated
by the administrator. Selecting equals invokes a spinner control for setting a single
numeric port. Selecting range displays spinner controls for Low and High numeric range
settings.
Selecting ICMP as the protocol for the IP rule displays an additional set of ICMP specific
options for ICMP type and code. The Internet Control Message Protocol (ICMP) uses
messages identified by numeric type. ICMP messages are used for packet flow control or
generated in IP error responses. ICMP errors are directed to the source IP address of the
originating packet. Assign an ICMP type from 1-10.
Selecting ICMP as the protocol for the IP rule displays an additional set of ICMP specific
options for ICMP type and code. Many ICMP types have a corresponding code, helpful for
troubleshooting network issues (0 - Net Unreachable, 1- Host Unreachable, 2 - Protocol
Unreachable etc.).
Select a Start VLAN icon within a table row to set (apply) a start VLAN range for this IP
ACL filter. Start VLAN represents the virtual LAN beginning numeric identifier arriving
packets must adhere to in order to have the IP ACL rules apply.
Select an End VLAN icon within a table row to set (apply) an end VLAN range for this IP
ACL filter. End VLAN represents the virtual LAN end numeric identifier arriving packets
must adhere to in order to have the IP ACL rules apply.
Select the protocol to filter for this ACL. Use the drop down to select from a list of
predefined protocol or use the spinner control to set a particular protocol number.
Select this option to mark certain fields inside a packet before allowing them. Mark is only
applicable for Allow rules. Mark sets the rule's 802.1p or dscp level (from 0 - 7)
Select this option to create a log entry that a firewall rule has allowed a packet to be
either denied or allowed.
Select this option to enable or disable this particular IP Firewall rule in this rule set.
Lists the administrator assigned description applied to the IP ACL rule. Select a
description within the table to modify its character string as filtering changes warrant.
Select the icon within the Description table header to launch a Select Columns screen
used to add or remove IP ACL criteria from the table.
Hide quick links:
Advertisement
Table of Contents
