Cisco ESW-540-8P Administration Guide - Page 178
Traffic Class, Permit, Shutdown, Port Management
UPC - 882658304057
View all Cisco ESW-540-8P manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 178 highlights
Configuring Device Security Defining Access Control 5 • Source Port - Defines the TCP/UDP source port to which the ACE is matched. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down list. The possible field range is 0 - 65535. • Destination Port - Defines the TCP/UDP destination port. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List dropdown list. The possible field range is 0 - 65535. • TCP Flags - Filters packets by TCP EtherChannel. Filtered packets are either forwarded or dropped. Filtering packets by TCP EtherChannels increases packet control, which increases network security. • ICMP - Indicates if ICMP packets are permitted on the network. The possible field values are as follows: • ICMP Code - Indicates and ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. • IGMP - Filters packets by IGMP message or message types. • Source IP Address - Matches the source port IP address to which packets are addressed to the ACE. • Dest. IP Address - Matches the destination port IP address to which packets are addressed to the ACE. • Traffic Class - Indicates the traffic class to which the packet is matched. • Select either Match DSCP or Match IP: • Match DSCP - Matches the packet to the DSCP tag value. • Match IP Precedence - Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7. • Action - Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped. In addition, the port can be shutdown, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows: - Permit - Forwards packets which meet the ACL criteria. - Deny - Drops packets which meet the ACL criteria. - Shutdown - Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Management page. ESW 500 Series Switches Administration Guide 167