Administration of the Avaya G350 Media Gateway - Avaya Support
Administration of the Avaya G350 Media Gateway - Avaya Support Administration of the Avaya G350 Media Gateway - Avaya Support
Configuring policyComposite operationsThis section describes composite operations and includes the following topics:●●●●●Overview of composite operations — an overview of composite operations and how theyare usedPre-configured composite operations for access control lists — a list and descriptions ofthe pre-configured composite operations that you can use in access control list rulesPre-configured composite operations for QoS lists — a list and descriptions of thepre-configured composite operations that you can use in QOS list rulesConfiguring composite operations — instructions on how to configure additional compositeoperationsComposite operation example — an example of configuring a composite operation andattaching it to a ruleOverview of composite operationsA composite operation is a set of operations that the G350 can perform when a rule matches apacket. Every rule in a policy list has an operation field that specifies a composite operation.The operation field determines how the G350 handles a packet when the rule matches thepacket.There are different composite operations for access control list rules and QoS list rules. Foreach type of list, the G350 includes a pre-configured list of composite operations. You cannotchange or delete pre-configured composite operations. You can define additional compositeoperations.Pre-configured composite operations for access control listsThe following table lists the pre-configured entries in the composite operation table for rules inan access control list:No Name Access Notify Reset Connection0 Permit forward no trap no reset1 Deny deny no trap no reset2 Deny-Notify deny trap all no reset3 Deny-Rst deny no trap reset4 Deny-Notify-Rst deny trap all reset266 Administration of the Avaya G350 Media Gateway
Composite operationsEach column represents the following:●●●●●No — a number identifying the operationName — a name identifying the operation. Use this name to attach the operation to a rule.Access — determines whether the operation forwards (forward) or drops (deny) thepacketNotify — determines whether the operation causes the G350 to send a trap when it dropsa packetReset Connection — determines whether the operation causes the G350 to reset theconnection when it drops a packetPre-configured composite operations for QoS listsTable 10: Pre-configured QoS list composite operations on page 267 lists the pre-configuredentries in the composite operation table for rules in a QoS list:Each column represents the following:●●Table 10: Pre-configured QoS list composite operationsNo Name CoS DSCP Trust0 CoS0 cos0 no change No1 CoS1 cos1 no change No2 CoS2 cos2 no change No3 CoS3 cos3 no change No4 CoS4 cos4 no change No5 CoS5 cos5 no change No6 CoS6 cos6 no change No7 CoS7 cos7 no change No9 No-Change no change no change No10 Trust-DSCP - - DSCP11 Trust-DSCP-CoS - - DSCP and CoSNo — a number identifying the operationName — a name identifying the operation. Use this name to attach the operation to a rule.Issue 3 January 2005 267
- Page 216 and 217: Configuring IPSec VPN9. Exit crypto
- Page 218 and 219: Configuring IPSec VPNIPSec VPN main
- Page 220 and 221: Configuring IPSec VPN2. Use the set
- Page 222 and 223: Configuring IPSec VPNConfiguring th
- Page 224 and 225: Configuring IPSec VPNip-rule 30sour
- Page 226 and 227: Configuring IPSec VPNFull or partia
- Page 228 and 229: Configuring IPSec VPN2. Configure b
- Page 230 and 231: Configuring IPSec VPNip-rule 4sourc
- Page 232 and 233: Configuring IPSec VPNip-rule 10sour
- Page 234 and 235: Configuring IPSec VPN2. Configure B
- Page 236 and 237: Configuring IPSec VPNip-rule 20sour
- Page 238 and 239: Configuring IPSec VPNInterface vlan
- Page 240 and 241: Configuring IPSec VPN3. Allowed ICM
- Page 242 and 243: Configuring IPSec VPNip access-cont
- Page 244 and 245: Configuring IPSec VPNip-rule 70sour
- Page 246 and 247: Configuring IPSec VPNFigure 21: Ful
- Page 248 and 249: Configuring IPSec VPNConfiguration
- Page 250 and 251: Configuring IPSec VPNip-rule 30sour
- Page 252 and 253: Configuring IPSec VPN252 Administra
- Page 254 and 255: Configuring policyAccess control li
- Page 256 and 257: Configuring policyDefining policy l
- Page 258 and 259: Configuring policyAttaching policy
- Page 260 and 261: Configuring policyDevice-wide polic
- Page 262 and 263: Configuring policyEditing and creat
- Page 264 and 265: Configuring policySource and destin
- Page 268 and 269: Configuring policy●●●CoS —
- Page 270 and 271: Configuring policyThe following com
- Page 272 and 273: Configuring policySimulating packet
- Page 274 and 275: Configuring policy-based routingPol
- Page 276 and 277: Configuring policy-based routingCon
- Page 278 and 279: Configuring policy-based routing●
- Page 280 and 281: Configuring policy-based routingMod
- Page 282 and 283: Configuring policy-based routingEdi
- Page 284 and 285: Configuring policy-based routingIn
- Page 286 and 287: Configuring policy-based routingThe
- Page 288 and 289: Setting synchronizationIf, for any
- Page 290 and 291: FIPSFigure 26: Image of the cryptog
- Page 292 and 293: FIPSSupported algorithmsThe cryptog
- Page 294 and 295: FIPSSecurity levelThe cryptographic
- Page 296 and 297: FIPSTable 14: Roles and required id
- Page 298 and 299: FIPSTable 15: Critical security par
- Page 300 and 301: FIPSCSP access rights within roles
- Page 302 and 303: FIPSTable 18 shows Role and Service
- Page 304 and 305: FIPSTable 18: Role and service acce
- Page 306 and 307: FIPSPassword guidelinesBelow are ge
- Page 308 and 309: FIPS2. Define the PMI (Primary Mana
- Page 310 and 311: FIPS10. Physically disconnect all n
- Page 312 and 313: FIPS18. To configure all interfaces
- Page 314 and 315: FIPS●Use the snmp-server user use
Composite operationsEach column represents <strong>the</strong> following:●●●●●No — a number identifying <strong>the</strong> operationName — a name identifying <strong>the</strong> operation. Use this name to attach <strong>the</strong> operation to a rule.Access — determines whe<strong>the</strong>r <strong>the</strong> operation forwards (forward) or drops (deny) <strong>the</strong>packetNotify — determines whe<strong>the</strong>r <strong>the</strong> operation causes <strong>the</strong> <strong>G350</strong> to send a trap when it dropsa packetReset Connection — determines whe<strong>the</strong>r <strong>the</strong> operation causes <strong>the</strong> <strong>G350</strong> to reset <strong>the</strong>connection when it drops a packetPre-configured composite operations for QoS listsTable 10: Pre-configured QoS list composite operations on page 267 lists <strong>the</strong> pre-configuredentries in <strong>the</strong> composite operation table for rules in a QoS list:Each column represents <strong>the</strong> following:●●Table 10: Pre-configured QoS list composite operationsNo Name CoS DSCP Trust0 CoS0 cos0 no change No1 CoS1 cos1 no change No2 CoS2 cos2 no change No3 CoS3 cos3 no change No4 CoS4 cos4 no change No5 CoS5 cos5 no change No6 CoS6 cos6 no change No7 CoS7 cos7 no change No9 No-Change no change no change No10 Trust-DSCP - - DSCP11 Trust-DSCP-CoS - - DSCP and CoSNo — a number identifying <strong>the</strong> operationName — a name identifying <strong>the</strong> operation. Use this name to attach <strong>the</strong> operation to a rule.Issue 3 January 2005 267