...

  1. In the left navigation panel, click on Access Control Lists and click on the desired table.

  2. Click on the desired entry.

  3. Enter the desired configuration. See General Information Panel - Field Definitions.

    Note: Federated IP addresses and FQDNs specified in an Access Control List are whitelisted.


  4. Click OK.

    Figure: Create Rule Entry


General Information Panel - Field Definitions

...


The Services option allows you to define the service for either the UDP or TCP protocol. Use the Single Port option to specify a specific source or destination port number. This field is available only when either TCP or UDP is selected from the Protocol drop-down box. Valid entry: Service or Single.


Info: Port range is not supported in SWe Edge.

Service

| When this is the Protocol selection... | ...the Service choices are: |
|---|---|
| TCP | HTTPS, HTTP, SSH |
| UDP | SNMP, DHCP, DNS, RIP |


...

Modifying a Rule


...

Note: System defaults for IPv4 and IPv6 cannot be deleted.

System Default IPv4 ACL List

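| IPv4 Default List | Protocol | Source IP/Mask | Destination IP/Mask | Protocol Service | Action | Interface Name | Precedence | Primary Key |
|---|---|---|---|---|---|---|---|---|
| Allow DHCP Access | | | | | | | | |
| allow-dhcpv4-dstPort-67 | UDP | Any | Any | DHCP/BOOTP (Server) | Allow | - | 65000 | 1 |
| allow-dhcpv4-dstPort-68 | UDP | Any | Any | --None-- | Allow | - | 65001 | 2 |
| allow-dhcpv4-srtPort-67 | UDP | Any | Any | --None-- | Allow | - | 65002 | 3 |
| allow-dhcpv4-srtPort-68 | UDP | Any | Any | --None-- | Allow | - | 65003 | 4 |
| Allow Terminal Services | | | | | | | | |
| allow-ssh-=dstPort-22 | TCP | Any | Any | SSH | Allow | - | 65004 | 1 |
| allow-ssh-=dstPort-80 | TCP | Any | Any | HTTP | Allow | - | 65005 | 2 |
| allow-ssh-=dstPort-443 | TCP | Any | Any | HTTPS | Allow | - | 65006 | 3 |
| Allow Everything | | | | | | | | |
| allow-all-tcp | TCP | Any | Any | --None-- | Allow | - | 65007 | 1 |
| allow-all-udp | UDP | Any | Any | --None-- | Allow | - | 65008 | 2 |
| allow-all-icmp | ICMP | Any | Any | --None-- | Allow | - | 65009 | 3 |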

...


System Default IPv6 ACL List

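| IPv6 Default List | Protocol | Source IP/Mask | Destination IP/Mask | Protocol Service | Action | Interface Name | Precedence | Primary Key |
|---|---|---|---|---|---|---|---|---|
| Allow DHCP Access | | | | | | | | |
| allow-dhcpv4-dstPort-67 | UDP | Any | Any | --None-- | Allow | - | 64000 | 1 |
| allow-dhcpv4-dstPort-68 | UDP | Any | Any | --None-- | Allow | - | 64001 | 2 |
| allow-dhcpv4-srtPort-67 | UDP | Any | Any | --None-- | Allow | - | 64002 | 3 |
| allow-dhcpv4-srtPort-68 | UDP | Any | Any | --None-- | Allow | - | 64003 | 4 |
| Allow Terminal Services | | | | | | | | |
| allow-ssh-=dstPort-22 | TCP | Any | Any | --None-- | Allow | - | 64004 | 1 |
| allow-ssh-=dstPort-80 | TCP | Any | Any | --None-- | Allow | - | 64005 | 2 |
| allow-ssh-=dstPort-443 | TCP | Any | Any | --None-- | Allow | - | 64006 | 3 |
| Allow Everything | | | | | | | | |
| allow-all-tcp | TCP | Any | Any | --None-- | Allow | - | 64007 | 1 |
| allow-all-udp | UDP | Any | Any | --None-- | Allow | - | 64008 | 2 |
| allow-all-icmp | ICMPv6 | Any | Any | --None-- | Allow | - | 64009 | 3 |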


Sample Teams Direct Routing ACL Rule Configuration

...


Sample ACL Rule for Microsoft Teams

| Description | Protocol | Source IP/Mask | Destination IP/Mask | Protocol Service | Action | Interface Name | Precedence | Primary Key |
|---|---|---|---|---|---|---|---|---|
| Outbound DNS Request | TCP | <Source IP/Mask> | Any | DNS | Allow | Ethernet 1 | 1 | 1 |
| Outbound DNS Reply | TCP | Any | <Destination IP/Mask> | --None-- | Allow | Ethernet 1 | 2 | 2 |
| Outbound DNS Request | UDP | <Source IP/Mask> | Any | DNS | Allow | Ethernet 1 | 3 | 3 |
| Outbound DNS Reply | UDP | Any | <Destination IP/Mask> | --None-- | Allow | Ethernet 1 | 4 | 4 |
| Outbound NTP Request | UDP | <Source IP/Mask> | Any | --None-- | Allow | Ethernet 1 | 5 | 5 |
| Outbound NTP Reply | UDP | Any | <Destination IP/Mask> | --None-- | Allow | Ethernet 1 | 6 | 6 |
| Outbound SIP Request | TCP | <Source IP/Mask> | Any | --None-- | Allow | Ethernet 1 | 7 | 7 |
| Outbound SIP Reply | TCP | Any | <Destination IP/Mask> | --None-- | Allow | Ethernet 1 | 8 | 8 |
| Inbound SIP Request | TCP | Any | <Destination IP/Mask> | --None-- | Allow | Ethernet 1 | 9 | 9 |
| Inbound SIP Reply | TCP | <Source IP/Mask> | Any | --None-- | Allow | Ethernet 1 | 10 | 10 |
| Outbound DHCP Request Port-67 | UDP | Any | Any | DHCP/BOOTP (Server) | Allow | Ethernet 1 | 11 | 11 |
| Outbound DHCP Request Port-68 | UDP | Any | Any | --None-- | Allow | Ethernet 1 | 12 | 12 |
| Outbound DHCP Reply Port-67 | UDP | Any | Any | --None-- | Allow | Ethernet 1 | 13 | 13 |
| Outbound DHCP Reply Port-68 | UDP | Any | Any | --None-- | Allow | Ethernet 1 | 14 | 14 |
| Deny All Protocol | Any | Any | Any | --None-- | Deny | Ethernet 1 | 15 | 15 |
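
The following audit sketch is an added example, not part of the SBC SWe Edge product or its documentation. It contrasts the "Allow Everything" rows of the system default list with the Teams sample above by flagging allow rules that nothing narrows and tables that do not end in a deny-all. Assumptions: the lowest precedence number is matched first, the `port` field stands for a Single Port value that the list view does not show, and `192.0.2.10/32` is a constructed stand-in for `<Source IP/Mask>`.

```python
from dataclasses import dataclass
from typing import Optional

ANY, NO_SERVICE = "Any", "--None--"

@dataclass(frozen=True)
class Rule:
    description: str
    protocol: str                # TCP, UDP, ICMP or Any
    source: str                  # "Any" or IP/mask
    destination: str             # "Any" or IP/mask
    service: str                 # named service or "--None--"
    action: str                  # Allow or Deny
    precedence: int
    port: Optional[int] = None   # Single Port value (assumed field, not in the list view)

def unrestricted(r: Rule) -> bool:
    """True when no source, destination, service or single port narrows the match."""
    return (r.source == ANY and r.destination == ANY
            and r.service == NO_SERVICE and r.port is None)

def audit(rules):
    """Return (precedence, description, finding) tuples for one ACL table."""
    # Assumption: the rule with the lowest precedence number is matched first.
    ordered = sorted(rules, key=lambda r: r.precedence)
    findings = [(r.precedence, r.description, "unrestricted allow")
                for r in ordered if r.action == "Allow" and unrestricted(r)]
    last = ordered[-1] if ordered else None
    if not (last and last.action == "Deny" and last.protocol == ANY and unrestricted(last)):
        findings.append((None, "", "no final deny-all"))
    return findings

SRC = "192.0.2.10/32"   # constructed stand-in for <Source IP/Mask>
DEFAULT_EVERYTHING = [  # "Allow Everything" rows of the system default IPv4 list
    Rule("allow-all-tcp", "TCP", ANY, ANY, NO_SERVICE, "Allow", 65007),
    Rule("allow-all-udp", "UDP", ANY, ANY, NO_SERVICE, "Allow", 65008),
    Rule("allow-all-icmp", "ICMP", ANY, ANY, NO_SERVICE, "Allow", 65009),
]
TEAMS_SAMPLE = [        # subset of the sample Teams table; port taken from the rule description
    Rule("Outbound DNS Request", "UDP", SRC, ANY, "DNS", "Allow", 3),
    Rule("Outbound SIP Request", "TCP", SRC, ANY, NO_SERVICE, "Allow", 7),
    Rule("Outbound DHCP Request Port-68", "UDP", ANY, ANY, NO_SERVICE, "Allow", 12, port=68),
    Rule("Deny All Protocol", ANY, ANY, ANY, NO_SERVICE, "Deny", 15),
]

if __name__ == "__main__":
    for name, table in (("default", DEFAULT_EVERYTHING), ("teams", TEAMS_SAMPLE)):
        print(name, audit(table))
```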