Dell PowerConnect M6220 Configuration Guide - Page 93

IP ACLs, ACL Configuration Process, IP ACL CLI Examples, Source L4 port



Device Security

L2 ACLs can apply to one or more interfaces.

Multiple access lists can be applied to a single interface; sequence number determines the order of execution.

You can assign packets to queues using the assign queue option.

IP ACLs

IP ACLs classify for Layers 3 and 4.

Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents of a given field should be used to permit or deny access to the network, and may apply to one or more of the following fields within a packet:

  • Destination IP with wildcard mask
  • Destination L4 Port
  • Every Packet
  • IP DSCP
  • IP Precedence
  • IP TOS
  • Protocol
  • Source IP with wildcard mask
  • Source L4 port
  • Destination Layer 4 port

ACL Configuration Process

To configure ACLs, follow these steps:

  1. Create a MAC ACL by specifying a name.
  2. Create an IP ACL by specifying a number.
  3. Add new rules to the ACL.
  4. Configure the match criteria for the rules.
  5. Apply the ACL to one or more interfaces.

IP ACL CLI Examples

The script in this section shows you how to set up an IP ACL with two rules, one applicable to TCP traffic and one to UDP traffic. The content of the two rules is the same. TCP and UDP packets will only be accepted by the PowerConnect 6200 Series switch if the source and destination stations have IP addresses that fall within the defined sets.
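
The wildcard-mask matching and two-rule TCP/UDP ACL described above, as an added Python model (not Dell's code and not the CLI script the guide refers to). The addresses are constructed documentation ranges, and first-match evaluation with a final deny for unmatched packets is an assumption of the model.

```python
import ipaddress
from dataclasses import dataclass

MAX_RULES = 10  # the guide: each ACL is a set of up to ten rules


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if addr equals base on every bit where the wildcard mask is 0.

    A wildcard mask is the inverse of a subnet mask: 1 bits are "don't care".
    """
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)


@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    protocol: str  # "tcp" or "udp"
    src: tuple     # (base address, wildcard mask)
    dst: tuple     # (base address, wildcard mask)

    def matches(self, proto: str, src_ip: str, dst_ip: str) -> bool:
        return (self.protocol == proto
                and wildcard_match(src_ip, *self.src)
                and wildcard_match(dst_ip, *self.dst))


def evaluate(rules, proto: str, src_ip: str, dst_ip: str) -> str:
    """Assumption: rules run in order, first match decides, no match is denied."""
    if len(rules) > MAX_RULES:
        raise ValueError("an ACL holds at most ten rules")
    for rule in rules:
        if rule.matches(proto, src_ip, dst_ip):
            return rule.action
    return "deny"


# Constructed sample: any host in 192.0.2.0/24 may reach the single host 198.51.100.10.
SRC = ("192.0.2.0", "0.0.0.255")
DST = ("198.51.100.10", "0.0.0.0")
ACL = [Rule("permit", "tcp", SRC, DST), Rule("permit", "udp", SRC, DST)]

if __name__ == "__main__":
    for pkt in [("tcp", "192.0.2.44", "198.51.100.10"),
                ("udp", "192.0.3.44", "198.51.100.10"),
                ("icmp", "192.0.2.44", "198.51.100.10")]:
        print(pkt, "->", evaluate(ACL, *pkt))
```

A common review error is entering a subnet mask (255.255.255.0) where a wildcard mask (0.0.0.255) is expected; in this model that inverts which bits are compared, so the rule matches on the host octet only.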