Cisco SRW2048 User Guide - Page 41

Protocol ID To Match - dropping connections



Chapter 5: Advanced Configuration
WebView Switches, page 34

The GVRP Error Statistics Table contains the following fields:

Invalid Protocol ID: Displays the device GVRP Invalid Protocol ID statistics.
Invalid Attribute Type: Displays the device GVRP Invalid Attribute ID statistics.
Invalid Attribute Value: Displays the device GVRP Invalid Attribute Value statistics.
Invalid Attribute Length: Displays the device GVRP Invalid Attribute Length statistics.
Invalid Event: Displays the device GVRP Invalid Events statistics.

Use the Clear All Counters button to reset all tables.

ACL > IP Based ACL

The IP Based ACL (Access Control List) screen contains information for defining IP-based Access Control Lists (ACLs).

ACL Name: Displays the user-defined IP based ACLs.
New ACL Name: Defines a new user-defined IP based ACL. The name cannot include spaces.
Delete ACL: Deletes the selected ACL.
Action: Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or a packet can be assigned rate limiting restrictions for forwarding. The options are as follows:
  • Permit: Forwards packets which meet the ACL criteria.
  • Deny: Drops packets which meet the ACL criteria.
  • Shutdown: Drops packets that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Management screen.
Protocol: Creates an Access Control Entry (ACE) based on a specific protocol.
  • Select from List: Selects from a protocols list on which the ACE can be based. The possible field values are:
      • Any: Matches the protocol to any protocol.
      • EIGRP: Indicates that the Enhanced Interior Gateway Routing Protocol (EIGRP) is used to classify network flows.
      • ICMP: Indicates that the Internet Control Message Protocol (ICMP) is used to classify network flows.
      • IGMP: Indicates that the Internet Group Management Protocol (IGMP) is used to classify network flows.
      • TCP: Indicates that the Transmission Control Protocol is used to classify network flows.
      • OSPF: Matches the packet to the Open Shortest Path First (OSPF) protocol.
      • UDP: Indicates that the User Datagram Protocol is used to classify network flows.
  • Protocol ID To Match: Adds user-defined protocols to which packets are matched to the ACE. Each protocol has a specific protocol number which is unique. The possible field range is 0–255.
TCP Flags: Filters packets by TCP flag. Filtered packets are either forwarded or dropped. Filtering packets by TCP flags increases packet control, which increases network security. The values that can be assigned are:
  • Set: Enables filtering packets by selected flags.
  • Unset: Disables filtering packets by selected flags.
  • Don't care: Indicates that selected packets do not influence the packet filtering process.
The TCP Flags that can be selected are:
  • Urg: Indicates the packet is urgent.
  • Ack: Indicates the packet is acknowledged.
  • Psh: Indicates the packet is pushed.
  • Rst: Indicates the connection is dropped.
  • Syn: Indicates request to start a session.
  • Fin: Indicates request to close a session.
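
The matching rules described above (Action, Protocol ID To Match, tri-state TCP Flags), worked through as an added Python example; this is not code from the user guide or from the switch firmware. It assumes that Set means the flag must be 1, Unset means it must be 0, Don't care means the flag is ignored, and that the first matching ACE decides; make_ace, ace_matches, evaluate and sample_packet are hypothetical names, and the packets are constructed sample input.

```python
import struct

# Bit positions in the TCP flags byte (offset 13 of the TCP header).
FLAG_BITS = {"Fin": 0x01, "Syn": 0x02, "Rst": 0x04, "Psh": 0x08, "Ack": 0x10, "Urg": 0x20}

def make_ace(action, protocol=None, flags=None):
    """protocol: IP protocol number 0-255, or None for "Any".
    flags: e.g. {"Syn": "Set", "Ack": "Unset"}; unlisted flags are "Don't care"."""
    if action not in ("Permit", "Deny", "Shutdown"):
        raise ValueError("unknown action: %r" % action)
    if protocol is not None and not 0 <= protocol <= 255:
        raise ValueError("Protocol ID To Match must be 0-255")
    mask = value = 0
    for name, state in (flags or {}).items():
        if state not in ("Set", "Unset", "Don't care"):
            raise ValueError("unknown flag state: %r" % state)
        if state != "Don't care":
            mask |= FLAG_BITS[name]          # this flag is compared
        if state == "Set":
            value |= FLAG_BITS[name]         # and must be 1 (Unset: must be 0)
    return {"action": action, "protocol": protocol, "mask": mask, "value": value}

def ace_matches(ace, packet):
    """Match one ACE against raw IPv4 packet bytes."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False
    ihl, proto = (packet[0] & 0x0F) * 4, packet[9]
    if ace["protocol"] is not None and proto != ace["protocol"]:
        return False
    if ace["mask"]:                          # flag criteria only apply to TCP
        if proto != 6 or len(packet) < ihl + 14:
            return False
        return (packet[ihl + 13] & ace["mask"]) == ace["value"]
    return True

def evaluate(acl, packet):
    """Assumption: first matching ACE decides; None means nothing matched."""
    return next((ace["action"] for ace in acl if ace_matches(ace, packet)), None)

def sample_packet(proto, tcp_flags=0):
    """Constructed input: 20-byte IPv4 header plus a 20-byte TCP-shaped header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return ip + struct.pack("!HHIIBBHHH", 49152, 22, 0, 0, 0x50, tcp_flags, 8192, 0, 0)

# Hypothetical ACL: drop new inbound TCP sessions, allow other TCP, drop GRE (47).
ACL = [make_ace("Deny", 6, {"Syn": "Set", "Ack": "Unset"}),
       make_ace("Permit", 6),
       make_ace("Deny", 47)]
```

A bare SYN hits the first ACE and is dropped, while SYN+ACK and plain ACK segments fall through to the Permit entry, which is why the Ack flag has to be pinned to Unset rather than left as Don't care.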