Home » Netgear Manuals » Hubs & Switches » Netgear GS110TP » Manual Viewer

Netgear GS110TP GS108T/ GS110TP Smart Switch Software Administration Manual - Page 183

MAC Rules, Cancel, Security, ACL, then click the Basic, Action, Permit, Assign Queue, Match Every

UPC - 606449069129

Add to My Manuals
Save this manual to your list of manuals

Page 183 highlights

GS108T and GS110TP Smart Switch Software Administration Manual 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. MAC Rules Use the MAC Rules page to define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default 'deny all' rule is the last rule of every list. To display the MAC Rules page, click Security  ACL, then click the Basic  MAC Rules link. To configure MAC ACL rules: 1. From the ACL Name field, specify the existing MAC ACL to which the rule will apply. To set up a new MAC ACL use the MAC ACL page. 2. To add a new rule, enter an ID for the rule, configure the following settings, and click Add. • Action. Specify what action should be taken if a packet matches the rule's criteria: • Permit: Forwards packets that meet the ACL criteria. • Deny: Drops packets that meet the ACL criteria. • Assign Queue. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0-3 in this field. • Match Every. Requires a packet to match the criteria of this ACL. Select True or False from the drop down menu. Match Every is exclusive to the other filtering rules, so if Match Every is True, the other rules on the screen are not available. • CoS. Requires a packet's class of service (CoS) to match the CoS value listed here. Enter a CoS value between 0-7 to apply this criteria. • Destination MAC. Requires an Ethernet frame's destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. • Destination MAC Mask. If desired, enter the MAC Mask associated with the Destination MAC to match. The MAC address mask specifies which bits in the destination MAC to compare against an Ethernet frame. Use Fs and zeros in the MAC mask, which is in a wildcard format. An F means that the bit is not checked, and a zero in a bit position means that the data must equal the value given for that bit. For Chapter 5: Managing Device Security | 183

Section	Page
GS108T and GS110TP Smart Switch	1
Table of Contents	3
1. Getting Started	8
Getting Started with the GS108T and GS110TP Gigabit Smart Switches	9
Switch Management Interface	10
Connecting the Switch to the Network	11
Switch Discovery in a Network with a DHCP Server	12
Switch Discovery in a Network without a DHCP Server	14
Configuring the Network Settings on the Administrative System	15
Web Access	17
Smart Control Center Utilities	18
Network Utilities	18
Configuration Upload and Download	19
Firmware Upgrade	21
Viewing and Managing Tasks	22
Understanding the User Interfaces	24
Using the Web Interface	24
Using SNMP	29
Interface Naming Convention	30
2. Configuring System Information	32
Management	33
System Information	33
IP Configuration	34
Time	36
Denial of Service	42
DNS	44
Green Ethernet Configuration	47
PoE (GS110TP Only)	48
PoE Configuration	48
PoE Port Configuration	49
Timer Global Configuration	51
Timer Schedule Configuration	52
SNMP	54
SNMPV1/V2	54
Trap Flags	57
SNMP v3 User Configuration	58
LLDP	59
LLDP Configuration	59
LLDP Port Settings	61
LLDP-MED Network Policy	62
LLDP-MED Port Settings	64
Local Information	65
Neighbors Information	67
Services — DHCP Filtering	72
DHCP Filtering Configuration	72
Interface Configuration	73
3. Configuring Switching Information	75
Ports	76
Port Configuration	76
Flow Control	78
Link Aggregation Groups	79
LAG Configuration	79
LAG Membership	81
LACP Configuration	82
LACP Port Configuration	83
VLANs	84
VLAN Configuration	84
VLAN Membership Configuration	86
Port VLAN ID Configuration	87
Voice VLAN	89
Voice VLAN Properties	89
Voice VLAN Port Setting	90
Voice VLAN OUI	91
Auto-VoIP	93
Spanning Tree Protocol	94
STP Switch Configuration	95
CST Configuration	97
CST Port Configuration	98
CST Port Status	100
Rapid STP	101
MST Configuration	102
MST Port Configuration	104
STP Statistics	106
Multicast	108
Auto-Video Configuration	108
IGMP Snooping	109
IGMP Snooping Querier	117
Forwarding Database	121
MAC Address Table	121
Dynamic Address Configuration	123
Static MAC Address	124
4. Configuring Quality of Service	125
Class of Service	126
Basic CoS Configuration	126
CoS Interface Configuration	128
Interface Queue Configuration	129
802.1p to Queue Mapping	130
DSCP to Queue Mapping	131
Differentiated Services	133
Defining DiffServ	133
Diffserv Configuration	134
Class Configuration	135
Policy Configuration	138
Service Configuration	142
Service Statistics	143
5. Managing Device Security	145
Management Security Settings	146
Change Password	146
RADIUS Configuration	147
Configuring TACACS+	153
Authentication List Configuration	155
Configuring Management Access	157
HTTP Configuration	157
Secure HTTP Configuration	158
Certificate Download	159
Access Profile Configuration	161
Access Rule Configuration	162
Port Authentication	164
802.1X Configuration	164
Port Authentication	165
Port Summary	169
Traffic Control	171
MAC Filter Configuration	171
MAC Filter Summary	173
Storm Control	174
Port Security Configuration	175
Port Security Interface Configuration	176
Security MAC Address	178
Protected Ports Membership	179
Configuring Access Control Lists	180
ACL Wizard	180
MAC ACL	182
MAC Rules	183
MAC Binding Configuration	184
MAC Binding Table	186
IP ACL	187
IP Rules	188
IP Extended Rule	189
IP Binding Configuration	193
IP Binding Table	194
6. Monitoring the System	195
Ports	196
Switch Statistics	196
Port Statistics	198
Port Detailed Statistics	199
EAP Statistics	206
System Logs	208
Memory Logs	208
FLASH Log Configuration	210
Server Log Configuration	212
Trap Logs	214
Event Logs	215
Port Mirroring	216
Multiple Port Mirroring	216
7. Maintaining the System	219
Reset	220
Device Reboot	220
Factory Default	221
Upload File From Switch	222
Download File To Switch	223
TFTP File Download	223
HTTP File Download	225
File Management	228
Dual Image Configuration	228
Dual Image Status	229
Troubleshooting	231
Ping	231
Traceroute	232
8. Accessing Help	235
Online Help	235
Support	235
User Guide	236
A. Hardware Specifications and Default Values	238
GS108T and GS110TP Gigabit Smart Switches Specifications	238
GS108 Specifications	238
GS110 Specifications	238
GS108T and GS110TP Switch Performance	239
GS108T and GS110TP Switch Features and Defaults	239
Port Characteristics	239
Traffic Control	240
Quality Of Service	240
Security	240
System Setup	241
Management	241
Other Features	242
B. Configuration Examples	243
Virtual Local Area Networks (VLANs)	244
VLAN Example Configuration	245
Access Control Lists (ACLs)	246
MAC ACL Example Configuration	246
Standard IP ACL Example Configuration	248
Differentiated Services (DiffServ)	249
Class	249
DiffServ Traffic Classes	250
Creating Policies	250
DiffServ Example Configuration	252
802.1X	254
802.1X Example Configuration	255
MSTP	257
MSTP Example Configuration	258
C. Notification of Compliance	262

Match case Limit results 1 per page

Chapter 5:

Managing Device Security

183

GS108T and GS110TP Smart Switch Software Administration Manual

Click

Cancel

to cancel the configuration on the screen and reset the data on the screen to

the latest value of the switch.

MAC Rules

Use the MAC Rules page to define rules for MAC-based ACLs. The access list definition

includes rules that specify whether traffic matching the criteria is forwarded normally or

discarded. A default 'deny all' rule is the last rule of every list.

To display the MAC Rules page, click

Security



ACL, then click the Basic



MAC Rules

link.

To configure MAC ACL rules:

From the ACL Name field, specify the existing MAC ACL to which the rule will apply. To

set up a new MAC ACL use the

MAC ACL

page.

To add a new rule, enter an ID for the rule, configure the following settings, and click

Add

•

Action

. Specify what action should be taken if a packet matches the rule's criteria:

•

Permit

: Forwards packets that meet the ACL criteria.

•

Deny

: Drops packets that meet the ACL criteria.

•

Assign Queue

. Specifies the hardware egress queue identifier used to handle all

packets matching this ACL rule. Enter an identifying number from 0–3 in this field.

•

Match Every

. Requires a packet to match the criteria of this ACL. Select True or

False from the drop down menu. Match Every is exclusive to the other filtering rules,

so if Match Every is True, the other rules on the screen are not available.

•

CoS

. Requires a packet’s class of service (CoS) to match the CoS value listed here.

Enter a CoS value between 0–7 to apply this criteria.

•

Destination MAC

. Requires an Ethernet frame’s destination port MAC address to

match the address listed here. Enter a MAC address in this field. The valid format is

xx:xx:xx:xx:xx:xx.

•

Destination MAC Mask

. If desired, enter the MAC Mask associated with the

Destination MAC to match. The MAC address mask specifies which bits in the

destination MAC to compare against an Ethernet frame. Use Fs and zeros in the

MAC mask, which is in a wildcard format. An F means that the bit is not checked, and

a zero in a bit position means that the data must equal the value given for that bit. For