No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


Making use of acl to father control of blacklist

Publication Date:  2012-09-11 Views:  520 Downloads:  0
Issue Description
User enabled attack defense enables blacklist function of firewall, but users from internal network added into blacklist sometimes and can’t access the internet, what we want is to remove internal network address from blacklist and make user away from the influence of blacklist.
Alarm Information
Handling Process
1、 Binding acl when enable blacklist for implement according to requires from customer.
firewall blacklist enable acl-number ?
INTEGER<2000-2999> Specify the basic ACL
INTEGER<3000-3999> Specify the advanced ACL
2、 for example: internal network of customer is network segment, if network segment wants to get away from the influence of blacklist, the configuration is:
acl number 3000
rule 5 permit ip source
rule 10 deny ip
firewall blacklist enable acl-number 3000
the theory of implement is reference a ACL when configure blacklist function, for message from blacklist ip address, if the defined action in ACL is permit, then go on forwarding, if the defined action in ACL is deny, then dropping this message.
Root Cause