Access Control Lists (ACLs) filter the type of traffic that is allowed or denied access to the network or a portion of the network. ACLs act as packet filters based on the criteria defined in the access list. ACLs defined on the Sonus SBC 1000/2000 do not take effect until they are applied to a port.
- Access Lists can filter incoming or outgoing packets on an interface, thereby controlling access based on source addresses, destination addresses, source Layer 4 ports, destination Layer 4 ports, and IP protocol.
- ACLs are composed of a sequence of rules and the order of the rules is important. If an incoming packet matches multiple rules, the first matching rule is applied.
- A port may have only one input ACL and one output ACL.
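The first-match behaviour described above, as an added Python example (not Sonus code): it evaluates a packet against an ordered rule list and flags rules that can never be applied because an earlier rule covers them. The `Rule` model, function names, and sample addresses are constructed for illustration and are not the SBC's configuration schema.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"

@dataclass(frozen=True)
class Rule:  # hypothetical rule model, not the SBC's configuration schema
    action: str                      # "allow" or "deny"
    src: str = ANY
    dst: str = ANY
    protocol: Optional[str] = None   # None matches any IP protocol
    src_port: Optional[int] = None   # None matches any Layer 4 port
    dst_port: Optional[int] = None

    def matches(self, pkt):
        net = ipaddress.ip_network
        return (ipaddress.ip_address(pkt["src"]) in net(self.src)
                and ipaddress.ip_address(pkt["dst"]) in net(self.dst)
                and self.protocol in (None, pkt["protocol"])
                and self.src_port in (None, pkt.get("src_port"))
                and self.dst_port in (None, pkt.get("dst_port")))

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        net = ipaddress.ip_network
        return (net(other.src).subnet_of(net(self.src))
                and net(other.dst).subnet_of(net(self.dst))
                and self.protocol in (None, other.protocol)
                and self.src_port in (None, other.src_port)
                and self.dst_port in (None, other.dst_port))

def evaluate(acl, pkt):
    """First matching rule wins; returns (index, action) or None if no rule matches."""
    for i, rule in enumerate(acl):
        if rule.matches(pkt):
            return i, rule.action
    return None  # the page does not state what happens to unmatched packets

def shadowed_rules(acl):
    """(later, earlier) index pairs where the later rule can never be applied."""
    return [(j, i) for j in range(len(acl)) for i in range(j) if acl[i].covers(acl[j])]

# Constructed sample ACL (documentation address ranges)
SIP = Rule("allow", src="198.51.100.0/24", dst="192.0.2.10", protocol="udp", dst_port=5060)
DENY_ALL = Rule("deny")
HTTPS = Rule("allow", src="198.51.100.0/24", dst="192.0.2.10", protocol="tcp", dst_port=443)
MISORDERED = [SIP, DENY_ALL, HTTPS]   # HTTPS rule sits behind the catch-all deny
REORDERED = [SIP, HTTPS, DENY_ALL]
PKT = {"src": "198.51.100.7", "dst": "192.0.2.10", "protocol": "tcp", "src_port": 40000, "dst_port": 443}
```

With the same three rules, `evaluate(MISORDERED, PKT)` denies the HTTPS packet at rule 1, while `evaluate(REORDERED, PKT)` allows it; `shadowed_rules(MISORDERED)` reports the unreachable rule.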
After an ACL is created, it is bound (or applied) to the following interfaces/ports:
On the Sonus SBC 2000:
- Ethernet ports for inbound and forwarded traffic.
- Logical interfaces for inbound/outbound/forwarded traffic.
- ASM ACLs are applied to inbound and forwarded traffic only, and they are bound on the ASM interface.
On the Sonus SBC 1000:
- ACLs are bound to logical interfaces only.
|Important Things to Remember When Creating an ACL|
|SBC Support when ACL is applied|
Working with Access Control List Tables
- In the WebUI, click the Settings tab.
- In the left navigation pane, go to Protocols > IP > Access Control Lists.
To view an Access Control List's properties:
- Click the popup icon next to the entry you want to view.
- When you are finished, close the window.
To modify an Access Control List:
- Click the expand icon next to the entry you wish to modify.
- Modify the table's Description as desired.
- Click OK.
To create an Access Control List table:
- Click the Create icon.
- Enter a descriptive name in the Description text field.
- Click OK.
Helpful Tip: To delete an entry, select the checkbox next to the entry you wish to delete, then click the Delete icon located at the top of the window.
|Restrictions on Deleting ACLs|
An ACL may not be deleted if it is bound to any port or logical interface. However, you may delete or modify a rule within a bound ACL. Any modification or deletion is effective immediately.