Netgear GSM7252PS ProSafe Managed Switch Web Management User Manual - Page 527
ACL Name, Action, Assign Queue Id, Ethertype User Value, Source MAC, Source MAC Mask, Destination MAC
UPC - 606449071665
View all Netgear GSM7252PS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 527 highlights
ProSafe® Gigabit L3 Managed Stackable Switches Software Administration Manual To configure MAC ACL rules: 1. From the ACL Name field, specify the existing MAC ACL to which the rule will apply. To set up a new MAC ACL use the "MAC Binding Table" on page 6-530. 2. To add a new rule, enter a whole number in the range of (1 to 12) that will be used to identify the rule, configure the following settings, and click Add. • Action - Specify what action should be taken if a packet matches the rule's criteria. The choices are permit or deny. • Assign Queue Id - Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Valid range of Queue Ids is (0 to 6). • CoS - Specifies the 802.1p user priority to compare against an Ethernet frame. Valid range of values is 0 to 7. • Ethertype User Value - Specifies the user defined customized Ethertype value to be used when the user has selected "User Value" as Ethertype Key, to compare against an Ethernet frame. Valid range of values is 0x0600 to 0xFFFF. • Source MAC - Specifies the Source MAC address to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). • Source MAC Mask - Specifies the Source MAC address mask specifying which bits in the Source MAC to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). • Destination MAC - Specifies the destination MAC address to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC address of 01:80:C2:xx:xx:xx. • Destination MAC Mask - Specifies the destination MAC address mask specifying which bits in the destination MAC to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC mask of 00:00:00:ff:ff:ff. VLAN - Specifies the VLAN ID to compare against an Ethernet frame. Valid range of values is 0 to 4095. Either VLAN Range or VLAN can be configured. • Logging - When set to 'Enable', logging is enabled for this ACL rule (subject to resource availability in the device). If the Access List Trap Flag is also enabled, this will cause periodic traps to be generated indicating the number of times this rule was 'hit' during the current report interval. A fixed 5 minute report interval is used for the entire system. A trap is not issued if the ACL rule hit count is zero for the current interval. This field is only supported for a 'Deny' Action. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. To delete a rule, select the check box associated with the rule and click Delete. 5. To change a rule, select the check box associated with the rule, change the desired fields and click Apply. Configuration changes take effect immediately. Chapter 6. Managing Device Security | 527