No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Are the Method Used to Process Packets After Different Features Reference ACLs?

What Are the Method Used to Process Packets After Different Features Reference ACLs?

The methods used to process packets are as follows.
Feature Processing Method

Basic Configuration

  • FTP

    An FTP connection is established if packets match the permit rule; no FTP connection can be established if packets match the deny rule or match no rule.

  • Telnet

    An Telnet connection is established if packets match the permit rule; no Telnet connection can be established if packets match the deny rule or match no rule.

IP Service

When an ACL is referenced in NAT, the system processes packets according to the rules they match. If a packet matches a rule with the permit action, the system translates source addresses of data packets. If a packet do not match any rules or matches a rule with the deny action, the system does not translate source addresses of data packets.

QoS

When an ACL is referenced in a traffic policy, the system processes packets according to the rules they match. If a packet matches a rule with the permit action, the system processes the packet according to the traffic policy. If a packet matches a rule with the deny action, the system drops the packet directly. Packets that do not match any rules in the ACL are forwarded normally.

Security

  • Firewall

    When ACL-based packet filtering firewall references ACLs, the AR router forwards packets matching permit rules, discards packets matching deny rules, and applies default rules to packets not matching any rule.

    When port mapping references ACLs, the AR router maps packets matching permit rules, and does not map packets matching deny rules or no rule.

    When session log references an ACL, the AR router records logs for packets matching permit rules, and does not records logs for packets matching deny rules or no rule.

  • Local attack defense

    When a blacklist references an ACL, the AR router discards packets matching permit and deny rules, and forwards packets that do not match any rule.

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 453867

Downloads: 4311

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next