Home » Netgear Manuals » Hubs & Switches » Netgear GS110TP » Manual Viewer

Netgear GS110TP GS108Tv2/GS110TP Software Reference Manual - Page 221

IP Extended Rule, Assign Queue ID, Match Every, Source IP Address, Source IP Mask, Delete, Apply

UPC - 606449069129

Add to My Manuals
Save this manual to your list of manuals

Page 221 highlights

GS108T and GS110TP Smart Switch Software Administration Manual • Assign Queue ID. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0-3 in the appropriate field. • Match Every. Requires a packet to match the criteria of this ACL. Select True or False from the drop down menu. Match Every is exclusive to the other filtering rules, so if Match Every is True, the other rules on the screen are not available. • Source IP Address. Requires a packet's source IP address to match the address listed here. Type an IP Address in the appropriate field using dotted-decimal notation. The address you enter is compared to a packet's source IP Address. • Source IP Mask. Specifies the source IP address wildcard mask. Wild card masks determines which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address. 2. To delete an IP ACL rule, select the check box associated with the rule, and then click Delete. 3. To update an IP ACL rule, select the check box associated with the rule, update the desired fields, and then click Apply. You cannot modify the Rule ID of an existing IP rule. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 5. If you change any of the settings on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. IP Extended Rule Use the IP Extended Rules page to define rules for IP-based extended ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an implicit "deny all" rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit "deny all" rule applies and the packet is dropped. To display the IP extended Rules page, click Security  ACL, then click the Advanced  IP Extended Rules link. Managing Device Security v1.0, April 2010 5-53

Section	Page
GS108T and GS110TP Smart Switch Software Administration Manual	1
Contents	5
About This Manual	11
Audience	11
Organization	11
Conventions, Formats and Scope	12
How to Print this Manual	14
Revision History	14
Chapter 1 Getting Started	15
Switch Management Interface	15
Connecting the Switch to the Network	16
Switch Discovery in a Network with a DHCP Server	17
Switch Discovery in a Network without a DHCP Server	19
Configuring the Network Settings on the Administrative System	21
Web Access	22
Smart Control Center Utilities	23
Network Utilities	23
Configuration Upload and Download	24
Firmware Upgrade	26
Viewing and Managing Tasks	28
Understanding the User Interfaces	29
Using the Web Interface	29
Navigation Tabs, Feature Links, and Page Menu	30
Configuration and Monitoring Options	31
Device View	32
Help Page Access	34
User-Defined Fields	34
Using SNMP	34
Interface Naming Convention	35
Chapter 2 Configuring System Information	37
Management	37
System Information	37
IP Configuration	39
Time	41
Time Configuration	42
SNTP Server Configuration	45
Denial of Service	48
Auto-DoS Configuration	48
DoS Configuration	49
DNS	51
DNS Configuration	51
Host Configuration	52
Green Ethernet Configuration	53
PoE (GS110TP Only)	54
PoE Configuration	55
PoE Port Configuration	56
Timer Global Configuration	58
Timer Schedule Configuration	59
SNMP	61
SNMPV1/V2	61
Community Configuration	61
Trap Configuration	63
Trap Flags	64
SNMP v3 User Configuration	65
LLDP	67
LLDP Configuration	67
LLDP Port Settings	69
LLDP-MED Network Policy	70
LLDP-MED Port Settings	72
Local Information	73
Neighbors Information	76
Services — DHCP Filtering	81
DHCP Filtering Configuration	81
Interface Configuration	82
Chapter 3 Configuring Switching Information	85
Ports	85
Port Configuration	85
Flow Control	88
Link Aggregation Groups	89
LAG Configuration	89
LAG Membership	91
LACP Configuration	92
LACP Port Configuration	93
VLANs	94
VLAN Configuration	95
VLAN Membership Configuration	96
Port VLAN ID Configuration	98
Voice VLAN	100
Voice VLAN Properties	100
Voice VLAN Port Setting	102
Voice VLAN OUI	103
Auto-VoIP	104
Spanning Tree Protocol	106
STP Switch Configuration	107
CST Configuration	109
CST Port Configuration	111
CST Port Status	113
Rapid STP	115
MST Configuration	116
MST Port Configuration	118
STP Statistics	121
Multicast	122
Auto-Video Configuration	122
IGMP Snooping	123
IGMP Snooping Configuration	124
IGMP Snooping Interface Configuration	125
IGMP Snooping Table	127
Multicast Forwarding Database Table	129
MFDB Statistics	130
IGMP Snooping VLAN Configuration	132
IGMP Snooping Querier	133
IGMP Snooping Querier Configuration	134
IGMP Snooping Querier VLAN Configuration	135
IGMP Snooping Querier VLAN Status	136
Forwarding Database	137
MAC Address Table	138
Dynamic Address Configuration	139
Static MAC Address	140
Chapter 4 Configuring Quality of Service	143
Class of Service	143
Basic CoS Configuration	144
CoS Interface Configuration	146
Interface Queue Configuration	147
802.1p to Queue Mapping	149
DSCP to Queue Mapping	151
Differentiated Services	152
Defining DiffServ	152
Diffserv Configuration	153
Class Configuration	155
Policy Configuration	159
Service Configuration	165
Service Statistics	166
Chapter 5 Managing Device Security	169
Management Security Settings	169
Change Password	170
RADIUS Configuration	171
Global Configuration	171
RADIUS Server Configuration	173
Accounting Server Configuration	175
Configuring TACACS+	178
TACACS+ Configuration	178
TACACS+ Server Configuration	179
Authentication List Configuration	181
Configuring Management Access	182
HTTP Configuration	183
Secure HTTP Configuration	184
Certificate Download	186
Access Profile Configuration	187
Access Rule Configuration	189
Port Authentication	191
802.1X Configuration	192
Port Authentication	193
Port Summary	198
Traffic Control	200
MAC Filter Configuration	200
MAC Filter Summary	202
Storm Control	203
Port Security Configuration	205
Port Security Interface Configuration	206
Security MAC Address	208
Protected Ports Membership	209
Configuring Access Control Lists	210
ACL Wizard	211
MAC ACL	212
MAC Rules	214
MAC Binding Configuration	216
MAC Binding Table	217
IP ACL	218
IP Rules	220
IP Extended Rule	221
IP Binding Configuration	226
IP Binding Table	227
Chapter 6 Monitoring the System	229
Ports	229
Switch Statistics	229
Port Statistics	232
Port Detailed Statistics	233
EAP Statistics	241
System Logs	242
Memory Logs	243
FLASH Log Configuration	245
Server Log Configuration	247
Trap Logs	249
Event Logs	250
Port Mirroring	252
Multiple Port Mirroring	252
Chapter 7 Maintenance	255
Reset	255
Device Reboot	255
Factory Default	256
Upload File From Switch	257
Download File To Switch	259
TFTP File Download	259
HTTP File Download	262
File Management	263
Dual Image Configuration	264
Dual Image Status	265
Troubleshooting	266
Ping	266
Traceroute	268
Chapter 8 Help	271
Online Help	271
Support	271
User Guide	272
Appendix A Hardware Specifications and Default Values	273
GS108T Gigabit Smart Switch and GS110TP Gigabit Smart Switch Specifications	273
GS108T and GS110TP Switch Features and Defaults	274
Appendix B Configuration Examples	279
Virtual Local Area Networks (VLANs)	279
VLAN Example Configuration	281
Access Control Lists (ACLs)	282
MAC ACL Example Configuration	282
Standard IP ACL Example Configuration	284
Differentiated Services (DiffServ)	285
Class	286
DiffServ Traffic Classes	286
Creating Policies	287
Traffic Conditioning Policy	287
DiffServ Example Configuration	288
802.1X	290
802.1X Example Configuration	292
MSTP	293
MSTP Example Configuration	295

Match case Limit results 1 per page

GS108T and GS110TP Smart Switch Software Administration Manual

Managing Device Security

5-53

v1.0, April 2010

•

Assign Queue ID

. Specifies the hardware egress queue identifier used to handle all

packets matching this ACL rule. Enter an identifying number from 0–3 in the appropriate

field.

•

Match Every

. Requires a packet to match the criteria of this ACL. Select True or False

from the drop down menu. Match Every is exclusive to the other filtering rules, so if

Match Every is True, the other rules on the screen are not available.

•

Source IP Address

. Requires a packet’s source IP address to match the address listed

here. Type an IP Address in the appropriate field using dotted-decimal notation. The

address you enter is compared to a packet's source IP Address.

•

Source IP Mask

. Specifies the source IP address wildcard mask. Wild card masks

determines which bits are used and which bits are ignored. A wild card mask of

255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all

of the bits are important. Wildcard masking for ACLs operates differently from a subnet

mask. A wildcard mask is in essence the inverse of a subnet mask. For example, to apply

the rule to all hosts in the 192.168.1.0/24 subnet, you type 0.0.0.255 in the Source IP Mask

field. This field is required when you configure a source IP address.

To delete an IP ACL rule, select the check box associated with the rule, and then click

Delete

To update an IP ACL rule, select the check box associated with the rule, update the desired

fields, and then click

Apply

. You cannot modify the Rule ID of an existing IP rule.

Click

Cancel

to cancel the configuration on the screen and reset the data on the screen to the

latest value of the switch.

If you change any of the settings on the page, click

Apply

to send the updated configuration to

the switch. Configuration changes take effect immediately.

IP Extended Rule

Use the IP Extended Rules

page to define rules for IP-based extended ACLs. The access list

definition includes rules that specify whether traffic matching the criteria is forwarded normally or

discarded.

To display the IP extended Rules page, click

Security



ACL

, then click the

Advanced



Extended Rules

link.

Note:

There is an implicit “deny all” rule at the end of an ACL list. This means that if an

ACL is applied to a packet and if none of the explicit rules match, then the final

implicit “deny all” rule applies and the packet is dropped.