D-Link DWS-4026 Product Manual - Page 346

D-Link Unified Access System Software User Manual 12/10/09 Field IP ACL IP ACL ID IP ACL Name Table 218: IP ACL Configuration Fields Description Select a type of ACL to create, or select an existing ACL to delete from the dropdown menu. You can create the following types of IP ACLs: • Standard IP ACL: Allows you to permit or deny traffic from a source IP address. • Extended IP ACL: Allows you to permit or deny specific types of layer 3 or layer 4 traffic from a source IP address to a destination IP address. This type of ACL provides more granularity and filtering capabilities than the standard IP ACL. • Named IP ACL: Allows you to create an Extended IP ACL that is identified by a name rather than a number. These ACLs have the same capabilities as Extended IP ACLs with respect to match criteria and actions supported. Enter an ID number for the ACL to configure. This field appears if you select Create Standard IP ACL or Create Extended IP ACL from the IP ACL dropdown menu. For a standard IP ACL, the acceptable ID values are 1-99. For an extended IP ACL, the acceptable ID values are 101-199. This field appears if you select Create New Named IP ACL from the IP ACL dropdown menu. Specify an IP ACL Name string which includes only alphanumeric characters. The name must start with an alphabetic character. This field will display the name of the currently selected IP ACL if the ACL has already been created. The ACL Table at the bottom of the page shows the current size of the ACL table versus the maximum size of the ACL table. The current size is equal to the number of configured IPv4 and IPv6 ACLs plus the number of configured MAC ACLs. The maximum size is 100. • To add an IP ACL, select the type of ACL to add from the IP ACL menu, enter an ACL ID in the appropriate field, and then click Submit. • To delete an IP ACL, select the ACL ID from the IP ACL menu, and then click Delete. The Delete button only appears if a configured IP ACL is selected. IP ACL Rule Configuration Use the IP ACL Rule Configuration page to define rules for IP-based ACLs created using the IP Access Control List Configuration page. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Additionally, you can specify to assign traffic to a particular queue and/or mirror the traffic to a particular port. There is an implicit "deny all" rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit "deny all" rule applies and the packet is dropped. To display the IP ACL Rule Configuration page, click LAN > QoS > Access Control Lists > IP Access Control Lists > Rule Configuration in the navigation menu. The fields available on the page depend on whether you select a standard, extended, or named IP ACL from the IP ACL field, whether the rule action is permit or deny, and whether you select Create Rule or an existing rule from the Rule field. Figure 243 shows the fields available when Create Rule is selected in the Rule field. Page 346 Configuring Access Control Lists Document 34CSFP6XXUWS-SWUM100-D7