Sample ACL Policies

The following are sample policies that you can apply to restrict Telnet access.

In the following example named MyAccessProfile.pol, the switch permits connections from the subnet 10.203.133.0 /24 and denies connections from all other addresses:

MyAccessProfile.pol
entry  AllowTheseSubnets {
	if  {
		source-address 10.203.133.0 /24;
	} then {
		permit;
	}
}

In the following example named MyAccessProfile.pol, the switch permits connections from the subnets 10.203.133.0 /24 or 10.203.135.0/24 and denies connections from all other addresses:

MyAccessProfile.pol
entry  AllowTheseSubnets {
	if match any {
		source-address 10.203.133.0 /24;
		source-address 10.203.135.0 /24;
	} then {
		permit;
	}
}

In the following example named MyAccessProfile_2.pol, the switch does not permit connections from the subnet 10.203.133.0 /24 but accepts connections from all other addresses:

MyAccessProfile_2.pol
entry dontAllowTheseSubnets {
	if {
		source-address 10.203.133.0 /24;
	} then {
		deny;
	}
}
entry  AllowTheRest {
	if  {
		; #none specified
	} then {
		permit;
	}
}

In the following example named MyAccessProfile_2.pol, the switch does not permit connections from the subnets 10.203.133.0/24 or 10.203.135.0 /24 but accepts connections from all other addresses:

MyAccessProfile_2.pol
entry dontAllowTheseSubnets {
	if match any {
		source-address 10.203.133.0 /24;
		source-address 10.203.135.0 /24;
	} then {
		deny;
	}
}
entry  AllowTheRest {
	if  {
		; #none specified
	} then {
		permit;
	}
}