Home » Linksys Manuals » Hubs & Switches » Linksys SGE2000 » Manual Viewer

Linksys SGE2000 Cisco SGE2000, SGE2000P Gigabit Ethernet Switch Reference Guid - Page 90

Dest. IP Address, IP Based ACL

UPC - 745883572120

View all Linksys SGE2000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 90 highlights

Chapter 4 SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide • ICMP - Indicates if ICMP packets are permitted on the network. The possible field values are as follows:. • ICMP Code - Indicates and ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. • IGMP - Filters packets by IGMP message or message types. • Source IP Address - Matches the source port IP address to which packets are addressed to the ACE. • Dest. IP Address - Matches the destination port IP address to which packets are addressed to the ACE. • Match DSCP - Matches the packet to the DSCP tag value. • Match IP Precedence - Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7. • Source Port - Defines the TCP/UDP source port to which the ACE is matched. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down menu. The possible field range is 0 - 65535. • Destination Port - Defines the TCP/UDP destination port. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down menu. The possible field range is 0 65535. • Action - Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows: - Permit - Forwards packets which meet the ACL criteria. - Deny - Drops packets which meet the ACL criteria. - Shutdown - Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Management page. Adding an IP Based Rule 1. Click Security Suite > Access Control > IP Based ACL. The IP Based ACL Page opens: 2. Click the Add ACL Rule button. The Add IP Based Rule Page opens: 82 Chapter 4: Configuring Device Security Defining Access Control

Section	Page
Getting Started	9
Starting the Application	9
Understanding the Interface	12
Device Representation	13
Using the Linksys Management Buttons	14
Using Screen and Table Options	15
Adding Device Information	15
Modifying Device Information	15
Deleting Device Information	16
Resetting the Device	17
Logging Off The Device	17
Managing Device Information	19
Understanding the Device Zoom View	19
Defining General System Information	20
SGE 2000P System Information	20
Managing Stacks	21
Building Automatically-Configured Stacks	22
Building a New Stack	22
Adding Units to a Running Stack	22
Building Manually-Configured Stacks	22
Building a New Stack	22
Adding Units to a Running Stack	22
Understanding Stack Resiliency	23
Understanding Advanced Stacking	23
Unit IDs	23
Stack Master	23
Stack Backup Master	23
Stack Members	24
Master-Enabled Units	24
Unit ID Allocation	24
Stack Unit Startup Process	25
Master Discovery Process	25
Master Election Process	25
Unit ID Allocation and Duplicate Unit ID Conflict Resolution	26
Configuring Units and Ports	27
Setting the Unit’s Operational Mode	27
Configuring the Stack Master and Unit ID	27
Resetting the Unit to Factory Default Mode	29
Understanding LED Indicators	29
Stack Troubleshooting and Maintenance	29
Replacing a Failed Member Stack Unit in an Operational Stack	29
Replacing a Failed Stack Master Unit in an Operational Stack	31
Splitting a Stack	32
The Stack Master and Backup Master Units Remain in a Group	32
The Stack Master or the Backup Master Unit Remains in a Group	32
Neither the Stack Master Unit or the Backup Master Unit Remains in the Group	33
Merging Two Stacks	34
Understanding Stacking Cable Failure	35
Inserting Too Many Units into a Stack	35
Inserting a Standalone Unit into a Running Stack	36
Viewing Device Health	36
Managing Power-over-Ethernet Devices	39
DefiningPoE System Information	39
Configuring Device Security	45
Passwords Management	46
Defining User Authentication	46
Defining Authentication	48
Defining Profiles	48
Mapping Profiles	50
Defining TACACS+	51
Defining RADIUS	55
Defining Access Method	59
Defining Access Profiles	59
Defining Profile Rules	62
Defining Traffic Control	68
Defining Storm Control	68
Defining Port Security	70
Defining 802.1x	74
Defining 802.1X Properties	75
Defining Port Authentication	76
Defining Multiple Hosts	79
Defining Authenticated Host	82
Defining Access Control	83
Defining MAC Based ACL	83
Defining IP Based ACL	85
Defining ACL Binding	92
Defining DOS Prevention	93
Global Settings	93
Defining Martian Addresses	95
Configuring Device Interfaces	97
Defining Port Settings	97
Defining LAG Management	102
Defining LAG Settings	104
Configuring LACP	107
Configuring VLANs	111
Defining VLAN Properties	112
Defining VLAN Membership	114
Defining Interface Settings	116
Configuring GVRP Settings	119
Protocol Group	122
Protocol Port	124
Configuring IP Information	127
Domain Name System	128
Defining DNS Server	128
Host Mapping	130
Configuring Layer 2	132
Configuring IP Addressing:	132
IP Interface	132
ARP	133
Configuring Layer 3	137
Configuring IP Addressing	137
IP Interface	137
ARP Proxy	140
UDP Relay	141
DHCP Relay	144
ARP	145
Defining IP Routing	148
Defining Address Tables	151
Defining Static Addresses	152
Defining Dynamic Addresses	154
Configuring Multicast Forwarding	157
IGMP Snooping	157
Defining Multicast Bridging Groups	160
Defining Multicast Forwarding	163
Configuring Spanning Tree	165
Defining STP on Interfaces	166
Defining Interface Settings	168
Defining Rapid Spanning Tree	172
Defining Multiple Spanning Tree	176
Defining MSTP Properties	177
Instance to VLAN	178
Instance Settings	178
Interface Settings	179
Configuring SNMP	185
SNMP v1 and v2	185
SNMP v3	185
Configuring SNMP Security	186
Defining Engine ID	186
Defining SNMP Views	187
Defining SNMP Users	189
Define SNMP Groups	191
Defining SNMP Communities	193
Defining Trap Management	197
Defining Trap Settings	197
Configuring Station Management	198
Defining SNMP Filter Settings	204
Configuring Quality of Service	207
Defining General Settings	208
Defining CoS	209
Defining Queue	210
Mapping CoS to Queue	212
Mapping DSCP to Queue	213
Configuring Bandwidth	213
Defining Advanced Mode	216
Configuring DSCP Mapping	216
Defining Class Mapping	217
Defining Aggregate Policer	219
Configuring Policy Table	222
Defining Policy Binding	225
Defining QoS Basic Mode	227
Managing System Files	229
File Management Overview	229
Firmware Upgrade	230
Save Configuration	231
Copy Files	232
Active Image	233
Managing System Logs	235
Enabling System Logs	235
Viewing the Device Memory Logs	237
Clearing Message Logs	237
Viewing the Flash Logs	238
Clearing Message Logs	238
Viewing Remote Logs	239
Configuring System Time	243
Defining System Time	244
Defining SNTP Settings	246
Defining SNTP Authentication	248
Viewing Statistics	251
Viewing Ethernet Statistics	251
Defining Ethernet Interface	251
Resetting Interface Statistics Counters	253
Viewing Etherlike Statistics	253
Resetting Etherlike Statistics Counters	255
Viewing GVRP Statistics	255
Resetting GVRP Statistics Counters	257
Viewing EAP Statistics	257
Managing RMON Statistics	260
Viewing RMON Statistics	261
Resetting RMON Statistics Counters	262
Configuring RMON History	263
Defining RMON History Control	263
Viewing the RMON History Table	266
Configuring RMON Events	267
Defining RMON Events Control	267
Viewing the RMON Events Logs	270
Defining RMON Alarms	271
Managing Device Diagnostics	277
Viewing Integrated Cable Tests	277
Performing Optical Tests	279
Configuring Port Mirroring	280
Defining CPU Utilization	283

Match case Limit results 1 per page

Chapter 4: Configuring Device Security

Defining Access Control

SGE2000/SGE2000P Gigabit Ethernet Switch Reference Guide

Chapter

•

ICMP

— Indicates if ICMP packets are permitted on the network. The possible field values

are as

follows:

•

ICMP Code

— Indicates and ICMP message code for filtering ICMP packets. ICMP packets that

are filtered by ICMP message type can also be filtered by the ICMP message code.

•

IGMP

— Filters packets by IGMP message or message types.

•

Source IP Address

— Matches the source port IP address to which packets are addressed to the

ACE.

•

Dest. IP Address

— Matches the destination port IP address to which packets are addressed to the

ACE.

•

Match DSCP

— Matches the packet to the DSCP tag value.

•

Match IP Precedence

— Matches the packet IP Precedence value to the ACE. Either the DSCP

value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7.

•

Source Port

— Defines the TCP/UDP source port to which the ACE is matched. This field is active

only if

800/6-TCP

800/17-UDP

are selected in the

Select from List

drop-down menu. The

possible field range is 0 - 65535.

•

Destination Port

— Defines the TCP/UDP destination port. This field is active only if

800/6-TCP

800/17-UDP

are selected in the

Select from List

drop-down menu. The possible field range is 0 -

65535.

•

Action

— Indicates the action assigned to the packet matching the ACL. Packets are forwarded or

dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or

packet is assigned rate limiting restrictions for forwarding. The options are as follows:

–

Permit

— Forwards packets which meet the ACL criteria.

–

Deny

— Drops packets which meet the ACL criteria.

–

Shutdown

— Drops packet that meets the ACL criteria, and disables the port to which the

packet was addressed. Ports are reactivated from the

Port Management

page.

Adding an IP Based Rule

Click

Security Suite

Access Control

IP Based ACL

. The

IP Based ACL Page

opens:

Click the

Add ACL Rule

button. The

Add IP Based Rule Page

opens: