Netgear GSM7328Sv1 7000 Series Managed Switch Administration Guide for Softwar - Page 148
Configuring IP ACLs, Process
NETGEAR 7000 Series Managed Switch Administration Guide Version 7.3

• L2 ACLs can apply to one or more interfaces
• Multiple access lists can be applied to a single interface - sequence number determines the order of execution
• You cannot configure a MAC ACL and an IP ACL on the same interface
• You can assign packets to queues using the assign queue option
• You can redirect packets using the redirect option

Configuring IP ACLs

IP ACLs classify for Layer 3. Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents of a given field should be used to permit or deny access to the network, and may apply to one or more of the following fields within a packet:

• Source IP address
• Destination IP address
• Source Layer 4 port
• Destination Layer 4 port
• ToS byte
• Protocol number

Note that the order of the rules is important: when a packet matches multiple rules, the first rule takes precedence. Also, once you define an ACL for a given port, all traffic not specifically permitted by the ACL will be denied access.

Process

To configure ACLs, follow these steps:

• Create an ACL by specifying a name (MAC ACL) or a number (IP ACL).
• Add new rules to the ACL.
• Configure the match criteria for the rules.
• Apply the ACL to one or more interfaces.

12-2 v1.0, November 2008 Access Control Lists (ACLs)
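The first-match and implicit-deny behaviour described under "Configuring IP ACLs", modelled as an added Python example (not from the NETGEAR guide, and not switch CLI syntax). The Rule class, the function names and the sample ACL and packets are assumptions constructed for illustration; shadowed() flags rules that can never fire because a single earlier rule already covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAX_RULES = 10  # per the guide: an IP ACL is a set of up to ten rules
FIELDS = ("protocol", "src_port", "dst_port", "tos")

@dataclass(frozen=True)
class Rule:  # hypothetical model of one ACL rule, not switch syntax
    action: str                     # "permit" or "deny"
    src: str = "0.0.0.0/0"          # source IP prefix
    dst: str = "0.0.0.0/0"          # destination IP prefix
    protocol: Optional[int] = None  # IP protocol number; None means any
    src_port: Optional[int] = None  # source Layer 4 port
    dst_port: Optional[int] = None  # destination Layer 4 port
    tos: Optional[int] = None       # ToS byte

def matches(rule, pkt):
    """True when every field the rule specifies equals the packet's value."""
    in_src = ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
    in_dst = ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
    return in_src and in_dst and all(
        getattr(rule, f) in (None, pkt.get(f)) for f in FIELDS)

def evaluate(rules, pkt):
    """First matching rule wins; no match means the implicit deny applies."""
    if len(rules) > MAX_RULES:
        raise ValueError("an IP ACL holds at most ten rules")
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None

def shadowed(rules):
    """Indices of rules fully covered by one earlier rule (never reached)."""
    def covers(a, b):
        net = ipaddress.ip_network
        return (net(b.src).subnet_of(net(a.src)) and net(b.dst).subnet_of(net(a.dst))
                and all(getattr(a, f) in (None, getattr(b, f)) for f in FIELDS))
    return [j for j, later in enumerate(rules)
            if any(covers(earlier, later) for earlier in rules[:j])]

# Constructed sample ACL and packets (not taken from the guide)
ACL = [
    Rule("permit", src="10.0.0.0/8", protocol=6, dst_port=80),
    Rule("deny", src="10.1.2.0/24", protocol=6, dst_port=80),  # never reached
    Rule("permit", protocol=17, dst_port=53),
]
WEB = {"src": "10.1.2.5", "dst": "192.0.2.10", "protocol": 6, "dst_port": 80}
PING = {"src": "10.1.2.5", "dst": "192.0.2.10", "protocol": 1}
```

With this ACL, evaluate(ACL, WEB) returns the permit from rule 0 even though rule 1 was meant to block that subnet, and evaluate(ACL, PING) falls through to the implicit deny; moving the narrower deny ahead of the broader permit restores the intended result.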