Home » Linksys Manuals » Hubs & Switches » Linksys SGE2000 » Manual Viewer

Linksys SGE2000 Cisco SGE2000, SGE2000P Gigabit Ethernet Switch Reference Guid - Page 87

Flag Set, ICMP Type, ICMP Code, Source, IP Address, Destination, Match DSCP, IP Prec, Action - acl

UPC - 745883572120

View all Linksys SGE2000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 87 highlights

Chapter SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide 4 - L2IP - Matches the packet to Layer 2 Internet Protocol (L2IP). - ISIS - Indicates that the Intermediate System to Intermediate System (ISIS) protocol is used to classify network flows. • Flag Set - Sets the indicated TCP flag that can be triggered. • ICMP Type - Filters packets by ICMP message type. The field values is 0-255. • ICMP Code - Indicates and ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. • IGMP Type - Filters packets by IGMP message or message types. • Source IP Address - Matches the source port IP address to which packets are addressed to the ACE. Mask - Defines the source IP address wildcard mask. Wildcard masks specify which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address 149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are ignored, while the last eight bits are used. • Destination IP Address - Matches the destination port IP address to which packets are addressed to the ACE. Mask - Defines the destination IP address wildcard mask. Select either Match DSCP or Match IP • DCSP - Matches the packets DSCP value. • IP Prec - Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7. • Action - Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows: - Permit - Forwards packets which meet the ACL criteria. - Deny - Drops packets which meet the ACL criteria. - Shutdown - Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Management page. - Match IP Precedence - Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7. 2. Click the Add Button. The Add IP Based ACL Page opens: Chapter 4: Configuring Device Security 79 Defining Access Control

Section	Page
Getting Started	9
Starting the Application	9
Understanding the Interface	12
Device Representation	13
Using the Linksys Management Buttons	14
Using Screen and Table Options	15
Adding Device Information	15
Modifying Device Information	15
Deleting Device Information	16
Resetting the Device	17
Logging Off The Device	17
Managing Device Information	19
Understanding the Device Zoom View	19
Defining General System Information	20
SGE 2000P System Information	20
Managing Stacks	21
Building Automatically-Configured Stacks	22
Building a New Stack	22
Adding Units to a Running Stack	22
Building Manually-Configured Stacks	22
Building a New Stack	22
Adding Units to a Running Stack	22
Understanding Stack Resiliency	23
Understanding Advanced Stacking	23
Unit IDs	23
Stack Master	23
Stack Backup Master	23
Stack Members	24
Master-Enabled Units	24
Unit ID Allocation	24
Stack Unit Startup Process	25
Master Discovery Process	25
Master Election Process	25
Unit ID Allocation and Duplicate Unit ID Conflict Resolution	26
Configuring Units and Ports	27
Setting the Unit’s Operational Mode	27
Configuring the Stack Master and Unit ID	27
Resetting the Unit to Factory Default Mode	29
Understanding LED Indicators	29
Stack Troubleshooting and Maintenance	29
Replacing a Failed Member Stack Unit in an Operational Stack	29
Replacing a Failed Stack Master Unit in an Operational Stack	31
Splitting a Stack	32
The Stack Master and Backup Master Units Remain in a Group	32
The Stack Master or the Backup Master Unit Remains in a Group	32
Neither the Stack Master Unit or the Backup Master Unit Remains in the Group	33
Merging Two Stacks	34
Understanding Stacking Cable Failure	35
Inserting Too Many Units into a Stack	35
Inserting a Standalone Unit into a Running Stack	36
Viewing Device Health	36
Managing Power-over-Ethernet Devices	39
DefiningPoE System Information	39
Configuring Device Security	45
Passwords Management	46
Defining User Authentication	46
Defining Authentication	48
Defining Profiles	48
Mapping Profiles	50
Defining TACACS+	51
Defining RADIUS	55
Defining Access Method	59
Defining Access Profiles	59
Defining Profile Rules	62
Defining Traffic Control	68
Defining Storm Control	68
Defining Port Security	70
Defining 802.1x	74
Defining 802.1X Properties	75
Defining Port Authentication	76
Defining Multiple Hosts	79
Defining Authenticated Host	82
Defining Access Control	83
Defining MAC Based ACL	83
Defining IP Based ACL	85
Defining ACL Binding	92
Defining DOS Prevention	93
Global Settings	93
Defining Martian Addresses	95
Configuring Device Interfaces	97
Defining Port Settings	97
Defining LAG Management	102
Defining LAG Settings	104
Configuring LACP	107
Configuring VLANs	111
Defining VLAN Properties	112
Defining VLAN Membership	114
Defining Interface Settings	116
Configuring GVRP Settings	119
Protocol Group	122
Protocol Port	124
Configuring IP Information	127
Domain Name System	128
Defining DNS Server	128
Host Mapping	130
Configuring Layer 2	132
Configuring IP Addressing:	132
IP Interface	132
ARP	133
Configuring Layer 3	137
Configuring IP Addressing	137
IP Interface	137
ARP Proxy	140
UDP Relay	141
DHCP Relay	144
ARP	145
Defining IP Routing	148
Defining Address Tables	151
Defining Static Addresses	152
Defining Dynamic Addresses	154
Configuring Multicast Forwarding	157
IGMP Snooping	157
Defining Multicast Bridging Groups	160
Defining Multicast Forwarding	163
Configuring Spanning Tree	165
Defining STP on Interfaces	166
Defining Interface Settings	168
Defining Rapid Spanning Tree	172
Defining Multiple Spanning Tree	176
Defining MSTP Properties	177
Instance to VLAN	178
Instance Settings	178
Interface Settings	179
Configuring SNMP	185
SNMP v1 and v2	185
SNMP v3	185
Configuring SNMP Security	186
Defining Engine ID	186
Defining SNMP Views	187
Defining SNMP Users	189
Define SNMP Groups	191
Defining SNMP Communities	193
Defining Trap Management	197
Defining Trap Settings	197
Configuring Station Management	198
Defining SNMP Filter Settings	204
Configuring Quality of Service	207
Defining General Settings	208
Defining CoS	209
Defining Queue	210
Mapping CoS to Queue	212
Mapping DSCP to Queue	213
Configuring Bandwidth	213
Defining Advanced Mode	216
Configuring DSCP Mapping	216
Defining Class Mapping	217
Defining Aggregate Policer	219
Configuring Policy Table	222
Defining Policy Binding	225
Defining QoS Basic Mode	227
Managing System Files	229
File Management Overview	229
Firmware Upgrade	230
Save Configuration	231
Copy Files	232
Active Image	233
Managing System Logs	235
Enabling System Logs	235
Viewing the Device Memory Logs	237
Clearing Message Logs	237
Viewing the Flash Logs	238
Clearing Message Logs	238
Viewing Remote Logs	239
Configuring System Time	243
Defining System Time	244
Defining SNTP Settings	246
Defining SNTP Authentication	248
Viewing Statistics	251
Viewing Ethernet Statistics	251
Defining Ethernet Interface	251
Resetting Interface Statistics Counters	253
Viewing Etherlike Statistics	253
Resetting Etherlike Statistics Counters	255
Viewing GVRP Statistics	255
Resetting GVRP Statistics Counters	257
Viewing EAP Statistics	257
Managing RMON Statistics	260
Viewing RMON Statistics	261
Resetting RMON Statistics Counters	262
Configuring RMON History	263
Defining RMON History Control	263
Viewing the RMON History Table	266
Configuring RMON Events	267
Defining RMON Events Control	267
Viewing the RMON Events Logs	270
Defining RMON Alarms	271
Managing Device Diagnostics	277
Viewing Integrated Cable Tests	277
Performing Optical Tests	279
Configuring Port Mirroring	280
Defining CPU Utilization	283

Match case Limit results 1 per page

Chapter 4: Configuring Device Security

Defining Access Control

SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide

Chapter

–

L2IP

— Matches the packet to Layer 2 Internet Protocol (L2IP).

–

ISIS

— Indicates that the Intermediate System to Intermediate System (ISIS) protocol is

used to classify network flows.

•

Flag Set

— Sets the indicated TCP flag that can be triggered.

•

ICMP Type

— Filters packets by ICMP message type. The field values is 0-255.

•

ICMP Code

— Indicates and ICMP message code for filtering ICMP packets. ICMP packets that

are filtered by ICMP message type can also be filtered by the ICMP message code.

•

IGMP

Type

— Filters packets by IGMP message or message types.

•

Source

IP Address

— Matches the source port IP address to which packets are addressed to the ACE.

Mask

— Defines the source IP address wildcard mask. Wildcard masks specify which bits are used

and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important.

A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address

149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are

ignored, while the last eight bits are used.

•

Destination

IP Address

— Matches the destination port IP address to which packets are addressed to the ACE.

Mask

— Defines the destination IP address wildcard mask. Select either

Match DSCP

Match IP

•

DCSP

— Matches the packets DSCP value.

•

IP Prec

— Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP

Precedence value is used to match packets to ACLs. The possible field range is 0-7.

•

Action

— Indicates the action assigned to the packet matching the ACL. Packets are forwarded or

dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or

packet is assigned rate limiting restrictions for forwarding. The options are as follows:

–

Permit

— Forwards packets which meet the ACL criteria.

–

Deny

— Drops packets which meet the ACL criteria.

–

Shutdown

— Drops packet that meets the ACL criteria, and disables the port to which the

packet was addressed. Ports are reactivated from the

Port Management

page.

–

Match IP Precedence —

Matches the packet IP Precedence value to the ACE. Either the

DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field

range is 0-7.

Click the

Add

Button. The

Add IP Based ACL Page

opens: