Hi everyone,
I have a problem with configuring qos policies to control traffic between vlans.
on example in my scenario:
vlan110 (admin) should have access to all other vlans. VLAN104 is my guest vlan. I can easliy allow traffic from vlan110->any.
But.. If I am dropping the traffic from vlan104->vlan110, I cannot ping the host in vlan104 because the replys were dropped by the switch.
I dont want to create for every service a allow-policy in both directions.
What is the easiest way to configure this on the switch?
Best and thanks!
Alex
qos policy control vlan traffic
Re: qos policy control vlan traffic
Hi,
this is possible - but don't forgett: the switch isn't a stateful firewall. So you have to confifigure policies for every direction.
Your wish is possible with the "policy condition established". When an initial TCP connection packet is received only the syn flag is set. As a result, TCP packets are only examined if they are not the starting packet. So you can use it to forbit the first answer packet of a tcp session - and so it is not possible to establisch a tcp session in one direction. For more infos look into the cli guide.
regards
Silvio
this is possible - but don't forgett: the switch isn't a stateful firewall. So you have to confifigure policies for every direction.
Your wish is possible with the "policy condition established". When an initial TCP connection packet is received only the syn flag is set. As a result, TCP packets are only examined if they are not the starting packet. So you can use it to forbit the first answer packet of a tcp session - and so it is not possible to establisch a tcp session in one direction. For more infos look into the cli guide.
regards
Silvio
Return to “OmniSwitch 6850 / 6850E”
Jump to
- General topics
- ↳ Talk to the admins
- ↳ GENERAL
- ↳ Outside World
- ↳ PARTS
- ↳ Pre-Sales
- ↳ JOBS
- ↳ Remote assistance contracts
- ↳ Actis
- ↳ Equipement Pictures
- ↳ OT/OXE/OXO FEATURES REQUESTS
- ↳ Lucent Technologies
- IF YOU ARE NOT TECHNICALLY TRAINED ON THOSE PBX, PLEASE POST IN ONE OF THOSE FORUMS
- ↳ Beginner's questions about the Crystal Hardware
- ↳ Beginner's questions about the Common Hardware
- ↳ Beginner's questions about the (4400 / Enterprise) PHONE APPLICATION or OPERATING SYSTEM
- ↳ Beginner's questions about the OmniPCX OFFICE
- VOICE - Documentation
- ↳ OXE (Crystal / Common) - System Documentation
- ↳ 4760
- ↳ OXO - System Documentation
- ↳ Documentation
- VOICE - OXE (OmniPCX Enterprise)
- ↳ Shelf
- ↳ Media Gateway
- ↳ PWT/DECT System
- ↳ System
- ↳ Translator
- ↳ Classes of Services
- ↳ Attendant
- ↳ Users
- ↳ Users by profile
- ↳ Set Profile
- ↳ Groups
- ↳ Speed Dialing
- ↳ Phone Book
- ↳ Entities
- ↳ Trunk Groups
- ↳ External Services
- ↳ Inter-Node Links
- ↳ X25
- ↳ Data
- ↳ Application
- ↳ Specific Telephone Services
- ↳ ATM
- ↳ Event Routing Discriminator
- ↳ Security and Access Control
- ↳ IP
- ↳ SIP
- ↳ DHCP Configuration
- ↳ Alcatel-Lucent Series 8&9
- ↳ SIP Extension
- ↳ Encryption
- ↳ Passive Communication Server
- ↳ SNMP Configuration
- VOICE - OXE - Common topics
- ↳ MAIN
- ↳ ACTIS
- ↳ Asterisk
- ↳ Boards
- ↳ Bugs & Security issues
- ↳ Equipment Pictures
- ↳ Feature Request
- ↳ H323 / Sip
- ↳ IP / VoIP
- ↳ IP SECURITY / ENCRYPTION (Thales)
- ↳ ipTouch (40x8) issues and tricks
- ↳ Linux tricks
- ↳ MOH
- ↳ ON SITE TROUBLES
- ↳ Phones
- ↳ Sipfoundry
- ↳ Software Loading
- ↳ Swinst
- ↳ System Hacking
- ↳ Traces
- ↳ Usefull commands
- ↳ Voice Guides
- ↳ VMWARE
- ↳ Wireless configuration and sets
- VOICE - OpenTouch
- ↳ MAIN
- ↳ OTEC - OpenTouch Enterprise Cloud
- ↳ OTBE - OpenTouch Business Edition
- ↳ OTMS - OpenTouch Multimedia Services
- ↳ OTSBC - OpenTouch Session Border Controller
- ↳ OTNS - OpenTouch Notification Service
- ↳ OTMC - OpenTouch Message Center
- ↳ OTFC - OpenTouch Fax Center
- ↳ OpenTouch Conversation
- ↳ Smart Guest Applications
- VOICE - BiCS
- ↳ MAIN
- VOICE - OXO
- ↳ MAIN
- ↳ Configuration
- ↳ 42xx Systems
- ↳ Networking
- ↳ H323 / IP / Pimphony
- ↳ Internet and related
- ↳ Applications
- ↳ Hotel mode
- ↳ DECT
- ↳ Hardware
- VOICE - Omni Suite
- ↳ OmniTouch 8400 Instant Communication Suite
- ↳ OmniTouch 8410 Instant Communication Web Services
- ↳ OmniTouch 8440 Messaging Software
- ↳ OmniTouch 8450 Fax Software
- ↳ OmniTouch 8460 Advanced Communication Server
- ↳ OmniTouch 8464 Meet-me Audio Conference Bridge
- ↳ OmniTouch 8660 My Teamwork Conferencing and Collaboration
- ↳ OmniTouch 8670 Automated Message Delivery System
- ↳ OmniTouch Contact Center Standard Edition
- ↳ OmniTouch Contact Center Premium Edition
- VOICE - Applications
- ↳ AECS - Alcatel Extended Communication Server
- ↳ Alcatel OpenTouch Customer Service
- ↳ Aviso
- ↳ Call Center SoftPanel (ALU ProServices)
- ↳ CCD / CCS / CCIVR
- ↳ Free Desktop
- ↳ GENESYS
- ↳ Hotel / Hospital
- ↳ Ip Desktop Softphone
- ↳ IpTouch Phones XML Applications
- ↳ MSAD
- ↳ MyIC (My Instant Communicator)
- ↳ My Messaging / IMAP
- ↳ My Teamwork (ex-eDial)
- ↳ OmniPCX Record
- ↳ OmniVista 4760
- ↳ OmniVista 8770
- ↳ OTUC
- ↳ PREMIUM / GCE
- ↳ Rainbow
- ↳ Ubiquity
- ↳ ENS - Emergency Notification Server
- ↳ VNA - Visual Notification Assistant
- ↳ VAA - Visual Auto Attendant
- ↳ VitalSuite
- ↳ VitalQIP
- ↳ Voicemail (46x5)
- ↳ XML Presentation Server & TAPI Server
- ↳ 4980 - WebSoftPhone
- ↳ 4625 Interactive Voice Response
- VOICE - Third Party Applications
- ↳ AGITO NETWORKS
- ↳ AUDIOCODES
- ↳ ASTERISK
- ↳ AVST
- ↳ CISCO
- ↳ NGINX
- ↳ NICE
- ↳ Notification Systems
- ↳ OAK
- ↳ SOURCE TECH
- ↳ systel
- ↳ IP Touch apps
- ↳ Click2Dial
- ↳ MYIC apps
- Alcatel Unleashed tools, documentations, and misc files...
- ↳ DIALER
- ↳ VM_BACKUP
- ↳ ipview analyzer
- ↳ "Home Made" documentations
- ↳ Alcatel Misc Documentation
- ↳ infocollect
- ↳ motview
- ↳ Other Alcatel-Lucent tools
- ↳ OFFICIAL TC's
- ↳ sngrep
- Developer's corner
- ↳ AHL / OHL
- ↳ Alarming, Notification & Location
- ↳ CCTI / CCA
- ↳ CSTA
- ↳ My IC Phone
- ↳ My IP Touch Service for Enterprise
- ↳ O2G
- ↳ OmniVista 8770 User Provisioning
- ↳ SIP
- ↳ TAPI
- ↳ TSAPI
- ↳ Web Services
- Alcatel Data Equipment
- ↳ Security
- ↳ OmniAccess 3500 Nonstop Laptop Guardian
- ↳ Mobility
- ↳ OmniAccess WLAN Switching Systems
- ↳ OmniAccess WLAN 4302
- ↳ OmniAccess Wireless Access Points 41
- ↳ OmniAccess Wireless Access Points 65
- ↳ OmniAccess Wireless Access Points 60/61/70
- ↳ OmniAccess Wireless Access Points 80M
- ↳ Mobile IP Phones
- ↳ OmniAccess Devices
- ↳ OmniAccess 5780
- ↳ OmniAccess 5740
- ↳ OmniAccess 5510
- ↳ Network Management
- ↳ Omnivista
- ↳ Omnivista Mobility Manager
- DATA - Documentation
- ↳ Technical papers
- ↳ Troubleshooting guides
- DATA - Lan Switching
- ↳ OmniSwitch 10k
- ↳ OmniSwitch 9900
- ↳ OmniSwitch 9000 / 9000E
- ↳ OmniSwitch 6900
- ↳ OmniSwitch 6865
- ↳ OmniSwitch 6860 / 6860E
- ↳ OmniSwitch 6855
- ↳ OmniSwitch 6850 / 6850E
- ↳ OmniSwitch 6560
- ↳ OmniSwitch 6465
- ↳ OmniSwitch 6450
- ↳ OmniSwitch 6400
- ↳ OmniSwitch 6360
- ↳ OmniSwitch 6350
- ↳ OmniSwitch 6250
- ↳ OmniSwitch 2220
- ↳ OmniSwitch 2260 / 2360
- ↳ Legacy Devices (OS4024, XOS, OmniCore)
- ↳ OmniSwitch 6600 / 7000 / 8800
- ↳ OmniSwitch 6800
- ↳ OmniStack LS 6200
- ↳ Misc
- DATA - WLAN, Mobility and WAN
- ↳ OmniAccess WLAN Switching Systems (OEM)
- ↳ OmniAccess Wireless Access Points
- ↳ Mobile IPTouch Phones (MIPT)
- ↳ OmniAccess Stellar Express
- ↳ OmniAccess Stellar Enterprise
- ↳ OmniAccess 3500 Nonstop Laptop Guardian
- ↳ Brick VPN Firewall
- ↳ OmniAccess 5740/5780
- ↳ OmniAccess ESR 5720
- ↳ OmniAccess 5510
- DATA - Network Management
- ↳ OmniVIsta 3600 Air Manager
- ↳ OmniVista 2500 v4.x
- ↳ OmniVista 2500 v3.5
- ↳ OmniVista 2500/2700 v3.4 and older
- ↳ OmniVista Cirrus
- ↳ Alcatel Quarantine Manager
- ↳ Fortigate Security
- DATA - Service Provider
- ↳ 5520 ASAM
- ↳ 5620 SAM
- ↳ 5650 CPAM
- ↳ 5670 RAM
- ↳ 5750 SSC
- ↳ 7210 SAS
- ↳ 7360 ISAM
- ↳ 7450 ESS
- ↳ 7450 Ethernet Service Switch
- ↳ 7750 Service Router
- ↳ 7705 SAR
- ↳ 7750 SR
