Nortel 1624G Access Policy

[sheraz14]

Hello Everyone,

Im new in nortel core switching Line.. But i manage to control n configure lot of things..
But i have new task in my network where i have several vlan in which i have to restrict one vlan to communicate to the other vlan .. but still along with this .. i want to allow partcular range of ip to communicate to the other vlan network..

Let me explain to you more clearly ..

I have 4 vlans in my network .

vlan 2 = server
vlan 3 - client
vlan 4 = ITP (IP PHONE)
VLAN 10 = IPCAMERA

And all these vlan can communicate to eacother ...

now my management asked me to put access list to deny any communication in betweek vlan 10 to all rest of the vlans..
but the HR or admin guys should have have access to the vlan 10 ( and all management and HR is in vlan 2), so they can access the IPCAMERA interfaces..
i've attached my diagram in this threat .. so you people can understand more clearly what im trying to achive..

i have 1624G core switch
and rest of the switches are 5520 switches..

please explain me how i can do this via  JDM..


Regards

[Michael McNamara]

I would suggest you start with this document and let us know if you have any questions.

Configuring QoS and Filters using the CLI and Device Manager Ethernet Routing Switch1600 Series, Software Release 2.1.3

Good Luck!

[sheraz14]

Hello Micheal,

I couldnt get any help from this document ... it is about QOS & Filtering ..

I'm looking for IP Policy based help...

Regrds

[Michael McNamara]

That's exactly what "Filtering" covers... from Chapter 4 of the above document;

You can use Ethernet Routing Switch 1600 Series traffic filtering to block unwanted traffic and prioritize traffic. Selective traffic filtering allows you to efficiently manage bandwidth and protect your network. You determine which packets receive special handling based on information in the packet headers. Using traffic filters, you can reduce network congestion and control access to network resources by blocking, forwarding, or prioritizing specified traffic on an interface.

In your case you don't want to re-mark or re-classify the packets you want to drop them but that's where you would configure such an action.

Good Luck!

[sheraz14]

Hello Mic,

Filtering is not what im looking for .. i found one document for IP policy ... could you please take a look and help me to achieve this task...


Starting from Page 129 ...

Regards

[Michael McNamara]

The content you reference is about IP routing policies.... the ability to control the interaction between static routes, OSPF, RIP, BGP, etc.

You want to create IP filters to prevent a specific IP network from reaching A.B.C.D IP networks.

Good Luck!