Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 105
- Page / 149
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ServerIron ADX NAT64 Configuration Guide 93
53-1002444-02
ACLs and ICMP
5
DRAFT: BROCADE CONFIDENTIAL
Named ACLs
For example, to deny the administratively-prohibited message type in a named ACL, enter
commands such as the following.
ServerIronADX(config)# ip access-list extended melon
ServerIronADX(config-ext-nacl)# deny ICMP any any
or
ServerIronADX(config)# ip access-list extended melon
ServerIronADX(config-ext-nacl)# deny ICMP any any 3 13
Syntax: [no] ip access-list extended <acl-num> | <acl-name>
Syntax: deny | permit icmp <source-ip-address> | <source-ip-address/subnet-mask> | any | host
<source-host>
<destination-ip-address> | destination-ip-address/subnet-mask> | any | host
<destination-host>
<icmp-type> | <icmp-type-number> <icmp-code-number>
The extended parameter indicates the ACL entry is an extended ACL.
The <acl-name> | <acl-num> parameter allows you to specify an ACL name or number. If using a
name, specify a string of up to 256 alphanumeric characters. You can use blanks in the ACL name
if you enclose the name in quotation marks (for example, “ACL for Net1”). The <acl-num>
parameter allows you to specify an ACL number if you prefer. If you specify a number, enter a
number from 100 through 199 for extended ACLs.
The deny | permit parameter indicates whether packets that match the policy are dropped or
forwarded.
You can either use the <icmp-type> and enter the name of the message type or use the
<icmp-type-number> <icmp-ode-number> parameter and enter the type number and code number
of the message. Refer to Table 12 for valid values.
NOTE
“X” in the Type-Number or Code-Number column in Table 12 means the device filters any traffic of
that ICMP message type.
TABLE 12 ICMP message types and codes
ICMP message type Type Code
administratively-prohibited 3 13
any-icmp-type x x
destination-host-prohibited 3 10
destination-host-unknown 3 7
destination-net-prohibited 3 9
destination-network-unknown 3 6
echo 8 0
echo-reply 0 0
general-parameter-problem
NOTE: This message type indicates that required
option is missing.
12 1
- ServerIron ADX 1
- Document History 2
- Contents 3
- About This Document 9
- Command syntax conventions 10
- Notice to the reader 11
- Related publications 11
- Getting technical help 11
- NAT64 and NAT46 Overview 13
- Stateless NAT46 translation 14
- Protocol support 15
- NAT64 fragmentation support 17
- References 18
- Stateful NAT64 Configuration 19
- Operation of stateful NAT64 20
- 53-1002444-02 23
- Enabling connection logging 28
- Displaying NAT64 information 31
- Displaying NAT64 translations 32
- Displaying NAT64 statistics 33
- Displaying NAT64 resources 37
- Stateless NAT64 Configuration 39
- Operation of stateless NAT64 40
- High availability for NAT64 52
- Clearing NAT64 information 53
- Stateless NAT46 Configuration 55
- Operation of stateless NAT46 56
- High availability for NAT46 67
- Displaying NAT46 information 68
- Clearing NAT46 information 69
- Access Control Lists 71
- Rule-based ACLs 72
- Default ACL action 74
- ACL IDs and entries 74
- Configuring rule-based ACLs 77
- Modifying rule-based ACLs 85
- Reordering ACLs 86
- Applying ACLs to interfaces 87
- Adding comments to named ACLs 89
- ACL logging 94
- Displaying ACL log entries 95
- Clearing the ACL statistics 97
- Throttling the fragment rate 98
- DRAFT: BROCADE CONFIDENTIAL 100
- Enabling strict TCP mode 101
- Enabling strict UDP mode 102
- ACLs and ICMP 103
- Numbered ACLs 104
- Named ACLs 105
- • Enable the strict TCP mode 107
- IPv6 Access Control Lists 109
- Configuration notes 110
- Processing of IPv6 ACLs 110
- Configuring IPv6 ACLs 111
- IPv6 ACL syntax 114
- Syntax Description 116
- Displaying IPv6 ACLs 118
- Logging IPv6 ACLs 119
- Network Address Translation 121
- Configuring NAT 122
- Configuring static NAT 123
- Configuring dynamic NAT 123
- Enabling IP NAT 124
- NAT configuration examples 125
- IP NAT with VIP overlap 129
- Translation timeouts 130
- Stateless static IP NAT 132
- IP NAT redundancy 133
- Displaying NAT information 144
- Displaying NAT translation 147
- Displaying VRRPE information 148
Related products and manuals for Network switches Brocade Communications Systems ServerIron ADX 12.4.00
(16 pages)
(82 pages)© 2020, manymanuals.com. All rights reserved. | 0.272 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals