
Creating Access Lists and Policies T1/E1 WAN Configuration Guide
12 Copyright © 2005 ADTRAN, Inc. 61200860L1-29.6A
Access List and Access Policy Example
Let’s review the following example to illustrate the ACL and ACP creation process.
For our example, evaluate the incoming and outgoing traffic on the WAN and local Ethernet interfaces.
Use ACLs and ACPs to provide connectivity for traffic between the private LANs (branch site 10.10.4.0
network and corporate HQ 10.25.15.0 network), grant access to the public internet connection for all users
(branch site and corporate HQ), and hide private IP addresses for all traffic transmitted to the public
domain over the PPP connection (to protect the network). The following table outlines our traffic concerns:
Begin by planning the ACL selectors for the traffic received on the connection to the branch office. Use
extended ACLs, which match on both source and destination IP addresses, to sort the traffic received from
the remote LAN into two categories: traffic destined for the corporate LAN and traffic destined for the
public Internet. Each category requires its own extended ACL to select the appropriate traffic. All traffic
destined for the public Internet requires a many-to-one NAT configuration to hide the private IP addresses
and to allow a single, public IP address for access to the Internet.
Next, plan the ACL selectors for the traffic received on the local network (Ethernet interface). Use
extended ACLs, which match on both source and destination IP addresses, to sort the traffic received from
the local network into two categories: traffic destined for the branch office LAN and traffic destined for
the public Internet. Each category requires its own extended ACL to select the appropriate traffic. All
traffic destined for the public Internet requires a many-to-one NAT configuration to hide private IP
addresses and to allow a single, public IP address for access to the Internet.
| Interface | Traffic to Select |
|---|---|
| Connection to Branch Office | traffic from remote LAN (10.10.4.0/24) destined for the local LAN (10.25.15.0/24) |
| Connection to Branch Office | traffic from remote LAN (10.10.4.0/24) to the Internet through the PPP interface |
| Local Network (Ethernet Interface) | traffic destined for the remote LAN (10.10.4.0/24) |
| Local Network (Ethernet Interface) | traffic to the Internet through the PPP interface |
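The selector plan above can be checked before it is entered on the router. The following Python model is an added example, not ADTRAN's code or AOS syntax: it evaluates each interface's selectors in order (first match wins) and flags a selector that an earlier, broader one would hide. The selector names are hypothetical, and two things are assumed: that 68.22.15.2 (a label in the diagram) is the public PPP address, and that traffic matching no selector is discarded.

```python
import ipaddress as ip

BRANCH = ip.ip_network("10.10.4.0/24")   # remote (branch) LAN, from the page
HQ = ip.ip_network("10.25.15.0/24")      # local (corporate HQ) LAN, from the page
ANY = ip.ip_network("0.0.0.0/0")
PUBLIC_IP = "68.22.15.2"  # assumption: public PPP address, taken from the diagram label

# Ordered (selector name, source net, destination net, action) per interface.
# Names are hypothetical. The specific selector must precede the Internet catch-all.
POLICIES = {
    "branch-connection": [
        ("BRANCH-TO-HQ", BRANCH, HQ, "allow"),
        ("BRANCH-TO-INTERNET", BRANCH, ANY, "nat"),
    ],
    "ethernet": [
        ("HQ-TO-BRANCH", ANY, BRANCH, "allow"),
        ("LOCAL-TO-INTERNET", ANY, ANY, "nat"),
    ],
}

def evaluate(interface, src, dst, policies=POLICIES):
    """Return (selector, action, source address after the policy is applied)."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for name, src_net, dst_net, action in policies[interface]:
        if s in src_net and d in dst_net:
            # Many-to-one NAT: every private source is rewritten to one public address.
            return name, action, PUBLIC_IP if action == "nat" else src
    # Assumption: traffic that matches no selector is discarded.
    return None, "discard", None

def shadowed(policy):
    """List selectors that can never match because an earlier one covers them."""
    hidden = []
    for i, (name, s_net, d_net, _) in enumerate(policy):
        for _, prev_s, prev_d, _ in policy[:i]:
            if s_net.subnet_of(prev_s) and d_net.subnet_of(prev_d):
                hidden.append(name)
                break
    return hidden

if __name__ == "__main__":
    # Constructed sample packets: (receiving interface, source, destination)
    for pkt in [("branch-connection", "10.10.4.20", "10.25.15.7"),
                ("branch-connection", "10.10.4.20", "198.51.100.9"),
                ("branch-connection", "192.0.2.50", "10.25.15.7"),
                ("ethernet", "10.25.15.7", "10.10.4.20"),
                ("ethernet", "10.25.15.7", "198.51.100.9")]:
        print(pkt, "->", evaluate(*pkt))
```

Reversing either list makes `shadowed` report the LAN-to-LAN selector, which is the ordering mistake that would send inter-site traffic through NAT instead of routing it privately.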
[Figure: network diagram showing two NetVanta 4305 units; labels: Internet, PPP, 10.25.15.0/24, 10.10.4.0/24, 68.22.15.2/30]