Device Online Help # Go back one pageGo to the next page#Go to this book's Index

Dropping TCP flows

The example that follows explains how to drop TCP flows. Specifically, it involves dropping both Telnet and FTP so that they no longer egress from VLAN 10 only .

To drop traffic based on the destination TCP port number, follow these steps. (Note that they show how to configure filtering based upon the assumption that you have already configured the VLANs using VLAN names, 10, 11, and 12).

  1. From the Device Manager menu bar, choose IP Routing > Filter.
  2. The ACL dialog box opens with the Template Mode tab displayed.
    By default, Template Mode 1 should already be set for l4-switch.
  3. Click the Flow Classifier tab.
  4. The Flow Classifier tab opens.
  5. Click L4SwitchTCPDstPort and then select true from the selection menu that appears:
  6. Click the Template Rule tab.
  7. The Template Rule tab opens.
  8. Click Insert to access the ACL, Insert Template Rule dialog.
    1. Add the following two rules:
    2. ­ TCP dst port = 21.
      ­ TCP dst port =22.
    3. After adding the first rule, click Insert and then add the second rule.
    4. Be sure to leave the default L4SwitchActionType as drop.
  9. Click Close to exit the ACL, Insert Template Rule dialog.
  10. Click the Bind VLAN tab on the ACL dialog.
  11. The Bind VLAN tab opens.
  12. Click Insert to insert a bind VLAN.
  13. The ACL, Insert Bind VLAN dialog box opens.
  14. Select 1 as the TemplateId.
  15. Click the ellipsis button.
  16. The VlanName selection box opens.
  17. Select 10 as the VLAN name and click OK.
  18. Click Close to exit the ACL, Insert Bind VLAN dialog.
  19. Click Close to return to the main Device Manager window.

Go back one pageGo to the next page##Go to this book's Index