Home » Netgear Manuals » Hubs & Switches » Netgear GS724TPv2 » Manual Viewer

Netgear GS724TPv2 User Manual - Page 238

Modify the Match Criteria for a Basic IP ACL Rule, Src IP Mask

Add to My Manuals
Save this manual to your list of manuals

Page 238 highlights

NETGEAR 24-Port Gigabit Smart Managed Pro Switch with PoE+ and 2 SFP Ports Model GS724TPv2 - Deny. Drop packets that meet the ACL criteria. • Egress Queue. If the selection form the Action menu is Permit, you can specify the hardware egress queue identifier that is used to handle all packets matching this IP ACL rule. The range of queue IDs is 0 to 7. • Logging. If the selection form the Action menu is Deny, you can enable logging for the ACL by selecting the Enable radio button. (Logging is subject to resource availability in the device.) If the access list trap flag is also enabled, periodic traps are generated, indicating the number of times this rule was evoked during the report interval. A fixed five-minute report interval is used for the switch. A trap is not issued if the ACL rule hit count is zero for the current interval. • Match Every. From the Match Every menu, select whether all packets must match the selected IP ACL rule: - Enable. All packets must match the selected IP ACL rule and are either permitted or denied. - Disable. Not all packets need to match the selected IP ACL rule. This field cannot be set if a mirror interface is already configured for the IP ACL rule. • Src IP Address. Enter an IP address using dotted-decimal notation to be compared to a packet's source IP address as a match criterion for the selected IP ACL rule. • Src IP Mask. Specify the IP mask in dotted-decimal notation to be used with the source IP address value. 9. Click the Apply button. The updated configuration is sent to the switch. Configuration changes take effect immediately. Modify the Match Criteria for a Basic IP ACL Rule  To modify the match criteria for a basic IP ACL rule: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Change the Default IP Address of the Switch on page 9. The login window opens. 4. Enter the switch's password in the Password field. The default password is password. The System Information page displays. Manage Device Security 238

Section	Page
24-Port Gigabit Smart Managed Pro Switch with PoE+ and 2 SFP Ports Model GS724TPv2	1
Contents	3
1. Get Started	8
Switch Management Interface Overview	9
Change the Default IP Address of the Switch	9
Discover a Switch in a Network With a DHCP Server	10
Discover a Switch in a Network Without a DHCP Server	11
Configure the Network Settings on Your Computer	12
Access the Web Browser–Based Management Interface	15
About the User Interfaces	15
Software Requirements to Use the Web Interface	15
Supported Web Browsers	16
Use a Web Browser to Access the Switch and Log In	16
Navigation Tabs, Configuration Menus, and Page Menu	17
Configuration and Status Options	18
Web Interface Buttons	18
User-Defined Fields	18
Web Browser–Based Management Interface Device View	19
Interface Naming Conventions	21
Configure Interface Settings	21
Context-Sensitive Help and Access to the Support WebSite	25
User Guide	26
Register Your Product	27
2. Configure System Information	28
View and Configure the Switch Management Settings	29
View or Define System Information and View Software Information	29
Configure the Switch IP Settings	31
Configure the IPv6 Network Interface	33
View the IPv6 Network Neighbor	34
Configure the Time Settings	35
Configure Denial of Service Settings	50
Configure DNS Settings	52
Configure Green Ethernet Settings	56
Use the Device View	58
Configure PoE	58
Configure PoE Trap Settings and View PoE Information	59
Configure the PoE Port Settings	60
Configure SNMP	63
Configure the SNMPv1/v2 Community	63
Configure SNMPv1/v2 Trap Settings	65
Configure SNMPv1/v2 Trap Flags	68
View the Supported MIBs	69
Configure SNMP V3 Users	70
Configure LLDP	71
Configure LLDP Global Settings	71
Configure LLDP Port Settings	73
View LLDP-MED Network Policy Information	74
Configure LLDP-MED Port Settings	76
View Local LLDP Information	77
View LLDP Neighbors Information	79
Configure DHCP Snooping	82
Set Up PoE Timer Schedules	87
Create a PoE Timer Schedule	87
Specify the Settings for a PoE Timer Schedule	88
Delete a PoE Timer Schedule	90
3. Configure Switching	92
Configure Port Settings	93
Configure Link Aggregation Groups	95
Configure LAG Settings	96
Configure LAG Membership	97
Set the LACP System Priority	98
Set the LACP Port Priority Settings	99
Configure VLANs	100
Configure VLAN Settings	101
Configure VLAN Membership	103
View VLAN Status	105
Configure Port PVID Settings	106
Configure a Voice VLAN	108
Configure Auto-VoIP	110
Configure Protocol-Based Port Settings	110
Configure Auto-VoIP OUI-Based Properties	111
Configure OUI-Based Port Settings	112
Manage the OUI Table	113
Display the Auto-VoIP Status	116
Configure Spanning Tree Protocol	117
Configure STP Settings	117
Configure CST Settings	119
Configure CST Port Settings	121
View CST Port Status	122
View Rapid STP Information	124
Manage MST Settings	125
Configure the MST Port Settings	127
View STP Statistics	130
Configure Multicast	131
View the MFDB Table	131
View the MFDB Statistics	132
IGMP Snooping Overview	133
Configure IGMP Snooping	134
Configure IGMP Snooping for Interfaces	135
View the IGMP Snooping Table	137
Configure IGMP Snooping for VLANs	138
Modify IGMP Snooping Settings for a VLAN	139
IGMP Snooping Querier Overview	140
Configure IGMP Snooping Querier	140
Configure IGMP Snooping Querier for VLANs	141
Display IGMP Snooping Querier for VLAN Status	142
Configure a Static Multicast Group	143
Remove a Static Multicast Group	144
Configure Multicast Group Membership	145
Configure the Multicast Forward All Option	147
View and Configure the MAC Address Table	148
Configure the MAC Address Table	148
Set the Dynamic Address Aging Interval	150
Configure a Static MAC Address	151
4. Configure Quality of Service	152
Manage Class of Service	153
CoS Configuration Overview	153
Configure Global CoS Settings	153
Configure CoS Interface Settings for an Interface	155
Configure CoS Queue Settings for an Interface	156
802.1p to Queue Mapping	158
DSCP to Queue Mapping	159
Manage Differentiated Services	160
DiffServ Configuration Overview	161
Configure DiffServ Settings	161
Enable the DiffServ Mode and View the DiffServ Status	161
Configure a DiffServ Class	163
Configure a DiffServ Policy	168
Configure the DiffServ Service Interface	174
View DiffServ Service Statistics	176
5. Manage Device Security	178
Configure the Management Security Settings	179
Change the Password	179
Configure RADIUS Servers	180
Configure TACACS+	189
Configure Authentication Lists	191
Configure Management Access	194
Configure HTTP Settings	194
Configure HTTPS Settings	195
Manage Certificates	197
Download Certificates	198
Configure Access Control	200
Configure Access Rule Settings	201
Configure Port Authentication	202
Configure Global 802.1X Settings	203
Manage Port Authentication	204
View the Port Summary	208
Configure Traffic Control	210
Manage MAC Filtering	210
MAC Filter Summary	212
Configure Storm Control	212
Configure Port Security	214
Configure Protected Ports	218
Configure Access Control Lists	219
Use the ACL Wizard to Create a Simple ACL	220
Configure a MAC ACL	225
Configure MAC ACL Rules	227
Configure MAC Bindings	231
View or Delete MAC ACL Bindings in the MAC Binding Table	233
Configure an IP ACL	234
Configure Rules for a Basic IP ACL	236
Configure Rules for an Extended IP ACL	240
Configure IP ACL Interface Bindings	244
View or Delete IP ACL Bindings in the IP ACL Binding Table	246
6. Monitor the System	248
Monitor the Switch and the Ports	249
View Switch Statistics	249
View Port Statistics	252
View Detailed Port Statistics	254
View EAP Statistics	260
Perform a Cable Test	262
Configure and View Logs	263
Manage the Memory Logs	263
Message Log Format	265
Manage the Flash Log	266
Manage the Server Log	267
View the Trap Logs	270
Configure Port Mirroring	272
7. Maintenance	275
Reboot the Switch	276
Reset the Switch to Its Factory Default Settings	276
Upload a File From the Switch	277
Upload a File to the TFTP Server	277
Upload a File Using HTTP	279
Download a File to the Switch	280
Download a File to the Switch Using TFTP	280
Download a File to the Switch Using HTTP	282
Manage Files	284
Configure Dual Image Settings	284
Delete an Image	285
Display the Dual Image Status	286
Perform Troubleshooting	287
Ping an IPv4 Address	287
Ping an IPv6 Address	288
Enable and Perform Remote Diagnostics	289
A. Configuration Examples	291
Virtual Local Area Networks (VLANs)	292
VLAN Configuration Examples	293
Access Control Lists (ACLs)	294
MAC ACL Sample Configuration	294
Standard IP ACL Sample Configuration	295
Differentiated Services (DiffServ)	296
Class	297
DiffServ Traffic Classes	298
Creating Policies	298
DiffServ Example Configuration	299
802.1X	300
802.1X Example Configuration	302
MSTP	303
MSTP Example Configuration	305
B. Specifications and Default Settings	307
Switch Default Settings	308
General Feature Default Settings	309
System Setup and Maintenance Settings	314
Port Characteristics	315
Traffic Control Settings	315
Quality of Service Settings	316
Security Settings	316
System Management Settings	317

Match case Limit results 1 per page

Manage Device Security

238

NETGEAR 24-Port Gigabit Smart Managed Pro Switch with PoE+ and 2 SFP Ports Model GS724TPv2

Deny

. Drop packets that meet the ACL criteria.

•

Egress Queue

. If the selection form the

Action

menu is

Permit

, you can specify the

hardware egress queue identifier that is used to handle all packets matching this IP

ACL rule. The range of queue IDs is 0 to 7.

•

Logging

. If the selection form the

Action

menu is

Deny

, you can enable logging for

the ACL by selecting the

Enable

radio button. (Logging is subject to resource

availability in the device.)

If the access list trap flag is also enabled, periodic traps are generated, indicating the

number of times this rule was evoked during the report interval. A fixed five-minute

report interval is used for the switch. A trap is not issued if the ACL rule hit count is

zero for the current interval.

•

Match Every

. From the

Match Every

menu, select whether all packets must match

the selected IP ACL rule:

Enable

. All packets must match the selected IP ACL rule and are either permitted

or denied.

Disable

. Not all packets need to match the selected IP ACL rule.

This field cannot be set if a mirror interface is already configured for the IP ACL rule.

•

Src IP Address

. Enter an IP address using dotted-decimal notation to be compared

to a packet’s source IP address as a match criterion for the selected IP ACL rule.

•

Src IP Mask

. Specify the IP mask in dotted-decimal notation to be used with the

source IP address value.

Click the

Apply

button.

The updated configuration is sent to the switch. Configuration changes take effect

immediately.

Modify the Match Criteria for a Basic IP ACL Rule



To modify the match criteria for a basic IP ACL rule:

Connect your computer to the same network as the switch.

You can use a WiFi or wired connection to connect your computer to the network, or

connect directly to a switch that is off-network using an Ethernet cable.

Launch a web browser.

In the address field of your web browser, enter the IP address of the switch.

If you do not know the IP address of the switch, see

Change the Default IP Address of the

Switch

on page 9.

The login window opens.

Enter the switch’s password in the

Password

field.

The default password is

password

The System Information page displays.