Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(ASCEND) Filter Question
I want to use a filter on my MAX.
Here are the conditions:
I want to allow everthing on the max except tcp to port 5300 on the MAX
I want to allow 2 subnetīs from the ethernet to access tcp-port 5300
(I use 192.168.0.0 here instead of our Network, 192.168.13.2 is my MAX)
Here what I set up
Input Filter 1:
(Deny world port 5300)
Type: ip
Forward: No
Src Mask: 0.0.0.0
Src Adrs: 0.0.0.0
Dst Mask: 0.0.0.0
Dst Adrs: 0.0.0.0
Protocol: 6
Src Port Cmp: None
Src Port #: N/A
Dst Port Cmp: Eql
Dst Port #: 5300
TCP Estab: No
Input Filter 2:
(Allow my adrresses to my port)
Type: ip
Forward: Yes
Src Mask: 255.255.254.0
Src Adrs: 192.168.0.0
Dst Mask: 255.255.255.255
Dst Adrs: 192.168.13.2
Protocol: 6
Src Port Cmp: None
Src Port #: N/A
Dst Port Cmp: Eql
Dst Port #: 5300
TCP Estab: No
Input Filter 3:
(Allow all the Rest)
Type: ip
Forward: yes
Src Mask: 0.0.0.0
Src Adrs: 0.0.0.0
Dst Mask: 0.0.0.0
Dst Adrs: 0.0.0.0
Protocol: 0
Src Port Cmp: None
Src Port #: N/A
Dst Port Cmp: None
Dst Port #: N/A
TCP Estab: No
Then I assign this filter to Ethernet->Mod-Konfig->Ethernet-> Filter
The Problem is :
1. that i canīt do a telnet to port 5300 from 192.168.0.19 after that
2. the max stops every communication with the rest of the world after
some seconds
any help ????
--
+------------------------------------------------------------+
| Joerg Bauer EMail:joerg@germany.net |
| |
| callisto germany.net GmbH D-60596 Frankfurt/Germany |
| Telefon: +49-69-63397-410 FAX : +49-69-63397-444 |
+------------------------------------------------------------+
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups: