On the Border Gateway Protocol > Filter List page you can create filter lists used to regulate traffic between networks based on IP address or AS number.
To create a filter list, do the following:
On the Filter List page, click New BGP Filter List.
The Add BGP Filter List dialog box opens.
Make the following settings:
Name: Enter a descriptive name for the filter list.
Filter by: Select whether the filter should match the IP address of a particular router or a whole AS.
Networks: Add or select networks and/or hosts that should be denied or permitted information on certain networks. How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page.
Action: From the drop-down list, select an action that should be taken if a filter matches. You can either deny or permit traffic.
Note – If the filter rule is set to Deny for a network and to Permit for a host on the same network, the traffic will be denied. To pass traffic to specific hosts only, the rule set should be Permit for the network and Deny for all hosts except the specific hosts.
The filter list appears on the Filter List list.
You can now use the filter list on a neighbor definition.
|© 2019 Sophos Limited
|Sophos UTM 9.600