Creating Access Rules

Creating Standard Access Rules

To create standard access rules:

1. Select Access Lists from the Routing > IP > Configuration group on the Web Agent window. The IP Access List dialog box opens (Figure 13-1).

NOTE: The IP Access List displays all standard and extended access rules that have been created. If no rules have been created, the following statement displays: No IP Access Rules are currently configured.

Due to its size, Figure 13-1 shows the Access List dialog box split in two separate sections.

The switch supports a maximum total of 512 access control rules, regardless of the number of access lists. For example, you could create the following three ACLs:

• ACL A with 100 rules
• ACL B with 200 rules
• ACL C with 212 rules

The combined total of rules cannot exceed 512. Only one access control list can be enabled at a time.

Index numbers of access rules can range from 1 to 512. Do not use index numbers higher than 512.

Figure 13-1. IP Access List Dialog Box

2. Click Create Standard. The Create Standard Access List dialog box opens (Figure 13-2).

Figure 13-2. Create IP Standard Access List Dialog Box

3. See Table 13-1 to configure the Create Standard IP Access List dialog box to filter or prioritize traffic:

   Table 13-1. Create Standard IP Access List Dialog Box Parameters

   Parameter	Allows you to...
   Access List Name	The Avaya Multiservice switch supports ACL names up to 32 characters (Alpha-Numeric). Spaces are allowed in the names but are not recommended. Instead of spaces, use the underscore “_” character. See “Naming Conventions for ACLs” for more information.
   Access Rule Index	Enter the sequence number for each new rule you create. Index numbers can be 1 through 512. Packets are compared against rules in ascending index order. NOTE: Note: Entering a new rule may override other rules. Review your current configuration prior to creating new access list rules.
   Access Type	Select the method of handling incoming datagrams based on the IP access type from the following pull-down menu options: Deny/Filter - Allows you to filter out (drop) packets based on the specified configuration. Permit/Fwd pri8 (high) to pri1 (low) - Allows you to prioritize traffic based on the specified configuration. Permit/Fwd with no change in priority - Allows you to forward traffic with no change in priority.
   Source Subnet	Source Address - Enter the IP address that you want to deny or grant access to the switch. The Wildcard will determine how the address is evaluated. Source Address Wildcard - Enter the Wildcard for this address. For more information on wildcards, see “What are Wildcards?” earlier in this chapter.

4. Click CREATE to save your changes, or CANCEL to restore previous settings.