Home » Netgear Manuals » Hubs & Switches » Netgear GS748Tv4 » Manual Viewer

Netgear GS748Tv4 GS748Tv4 Software Administration Manual - Page 193

Dst L4 Port, Service Type, Delete, Cancel, Notification Mode, Apply

Add to My Manuals
Save this manual to your list of manuals

Page 193 highlights

GS748T Smart Switch Software Administration Manual • Dst L4 Port. Requires a packet's TCP/UDP destination port to match the port listed here. Complete one of the following fields: • Destination L4 Keyword: Select the desired L4 keyword from a list of destination ports on which the rule can be based. • Destination L4 Port Number: If the destination L4 keyword is Other, enter a user-defined Port ID by which packets are matched to the rule. • Service Type. Choose one of the Service Type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative ways of specifying a match criterion for the same Service Type field in the IP header, however each uses a different user notation. After you select the service type, specify the value associated with the type. • IP DSCP: Specify the IP DiffServ Code Point (DSCP) value. The DSCP is defined as the high-order six bits of the Service Type octet in the IP header. Select an IP DSCP value from the menu. To specify a numeric value in the available field, select Other from the menu and type an integer from 0 to 63 in the field. • IP Precedence: The IP Precedence field in a packet is defined as the high-order three bits of the Service Type octet in the IP header. This is an optional configuration. Enter an integer from 0 to 7. • IP TOS Bits: Matches on the Type of Service bits in the IP header when checked. In the first TOS field, specify the two-digit hexadecimal TOS number. The second field is for the TOS Mask, which specifies the bit positions that are used for comparison against the IP TOS field in a packet. The TOS Mask value is a two-digit hexadecimal number from 00 to ff, representing an inverted (i.e., wildcard) mask. The zero-valued bits in the TOS Mask denote the bit positions in the TOS Bits value that are used for comparison against the IP TOS field of a packet. For example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear, where bit 7 is most significant, use a TOS Bits value of a0 and a TOS Mask of 00. 3. To delete an IP ACL rule, select the check box associated with the rule, and then click Delete. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 5. To modify an existing IP Extended ACL rule, click the Rule ID. The number is a hyperlink to the Extended ACL Rule Configuration page. If the rule is Deny, you can specify the CPU Notification Mode. • Enable. No power is supplied to the port. • Disable. When a packet matches the ACL rule, the CPU is not notified, and the port continues to provide power. 6. If you modify the rule, click Apply to submit the changes to the switch. Chapter 5: Managing Device Security | 193

Section	Page
GS748T Smart Switch	1
Table of Contents	3
1. Getting Started	9
Getting Started with the GS748T Smart Switch	10
Switch Management Interface	11
Connecting the Switch to the Network	12
Switch Discovery in a Network with a DHCP Server	13
Switch Discovery in a Network without a DHCP Server	15
Configuring the Network Settings on the Administrative System	16
Web Access	18
Smart Control Center Utilities	19
Network Utilities	19
Configuration Upload and Download	20
Firmware Upgrade	22
Viewing and Managing Tasks	24
Understanding the User Interfaces	25
Using the Web Interface	25
Using SNMP	30
Interface Naming Convention	31
2. Configuring System Information	33
Management	34
System Information	34
IP Configuration	35
IPv6 Network Configuration	37
IPv6 Network Neighbor	39
Time	40
Denial of Service	45
DNS	48
Green Ethernet Configuration	51
SNMP	52
SNMPV1/V2	52
Trap Flags	55
SNMP v3 User Configuration	56
LLDP	58
LLDP Configuration	58
LLDP Port Settings	59
LLDP-MED Network Policy	61
LLDP-MED Port Settings	62
Local Information	64
Neighbors Information	66
Services — DHCP Filtering	71
DHCP Filtering Configuration	71
Interface Configuration	72
3. Configuring Switching Information	75
Ports	76
Port Configuration	76
Flow Control	77
Link Aggregation Groups	79
LAG Configuration	79
LAG Membership	81
LACP Configuration	82
LACP Port Configuration	83
VLANs	84
VLAN Configuration	84
VLAN Membership Configuration	85
Port VLAN ID Configuration	87
Voice VLAN	89
Voice VLAN Properties	89
Voice VLAN Port Setting	90
Voice VLAN OUI	91
Auto-VoIP Configuration	93
Spanning Tree Protocol	94
STP Switch Configuration	94
CST Configuration	96
CST Port Configuration	98
CST Port Status	99
Rapid STP	101
MST Configuration	101
MST Port Configuration	103
STP Statistics	105
Multicast	107
Auto-Video Configuration	107
IGMP Snooping	107
IGMP Snooping Querier	116
Forwarding Database	120
MAC Address Table	120
Dynamic Address Configuration	122
Static MAC Address	123
4. Configuring Quality of Service	125
Class of Service	126
Basic CoS Configuration	126
CoS Interface Configuration	127
Interface Queue Configuration	129
802.1p to Queue Mapping	130
DSCP to Queue Mapping	131
Differentiated Services	133
Defining DiffServ	133
Diffserv Configuration	134
Class Configuration	135
Policy Configuration	138
Service Configuration	143
Service Statistics	144
5. Managing Device Security	147
Management Security Settings	148
Change Password	148
RADIUS Configuration	149
Configuring TACACS+	154
Authentication List Configuration	157
Configuring Management Access	159
HTTP Configuration	159
Secure HTTP Configuration	160
Certificate Download	161
Access Profile Configuration	163
Access Rule Configuration	164
Port Authentication	166
802.1X Configuration	166
Port Authentication	168
Port Summary	172
Traffic Control	173
MAC Filter Configuration	173
MAC Filter Summary	175
Storm Control	175
Port Security Configuration	177
Port Security Interface Configuration	178
Security MAC Address	179
Protected Ports Membership	180
Configuring Access Control Lists	181
ACL Wizard	181
MAC ACL	182
MAC Rules	183
MAC Binding Configuration	185
MAC Binding Table	186
IP ACL	187
IP Rules	189
IP Extended Rules	190
IP Binding Configuration	194
IP Binding Table	195
6. Monitoring the System	197
Ports	198
Switch Statistics	198
Port Statistics	200
Port Detailed Statistics	201
EAP Statistics	208
Cable Test	209
System Logs	211
Memory Logs	211
FLASH Log Configuration	213
Server Log Configuration	214
Trap Logs	216
Event Logs	218
Port Mirroring	219
Multiple Port Mirroring	219
7. Maintenance	221
Reset	222
Device Reboot	222
Factory Default	222
Upload File From Switch	224
TFTP File Upload	224
HTTP File Upload	225
Download File To Switch	227
TFTP File Download	227
HTTP File Download	229
File Management	231
Dual Image Configuration	231
Dual Image Status	232
Troubleshooting	234
Ping	234
Ping IPv6	235
Traceroute	236
8. Help	239
Online Help	239
Support	239
User Guide	240
A. Hardware Specifications and Default Values	242
GS748T Smart Switch Specifications	242
GS748T Switch Features and Defaults	243
B. Configuration Examples	247
Virtual Local Area Networks (VLANs)	248
VLAN Example Configuration	249
Access Control Lists (ACLs)	250
MAC ACL Example Configuration	250
Standard IP ACL Example Configuration	252
Differentiated Services (DiffServ)	253
Class	253
DiffServ Traffic Classes	254
Creating Policies	254
DiffServ Example Configuration	255
802.1X	258
802.1X Example Configuration	259
MSTP	261
MSTP Example Configuration	262
C. Notification of Compliance	266

Match case Limit results 1 per page

Chapter 5:

Managing Device Security

193

GS748T Smart Switch Software Administration Manual

•

Dst L4 Port

. Requires a packet’s TCP/UDP destination port to match the port listed

here. Complete one of the following fields:

•

Destination L4 Keyword: Select the desired L4 keyword from a list of destination

ports on which the rule can be based.

•

Destination L4 Port Number: If the destination L4 keyword is Other, enter a

user-defined Port ID by which packets are matched to the rule.

•

Service Type

. Choose one of the Service Type match conditions for the extended IP

ACL rule. The possible values are IP DSCP, IP precedence, and IP TOS, which are

alternative ways of specifying a match criterion for the same Service Type field in the

IP header, however each uses a different user notation. After you select the service

type, specify the value associated with the type.

•

IP DSCP: Specify the IP DiffServ Code Point (DSCP) value. The DSCP is defined

as the high-order six bits of the Service Type octet in the IP header. Select an IP

DSCP value from the menu. To specify a numeric value in the available field,

select Other from the menu and type an integer from 0 to 63 in the field.

•

IP Precedence: The IP Precedence field in a packet is defined as the high-order

three bits of the Service Type octet in the IP header. This is an optional

configuration. Enter an integer from 0 to 7.

•

IP TOS Bits: Matches on the Type of Service bits in the IP header when checked.

In the first TOS field, specify the two-digit hexadecimal TOS number. The second

field is for the TOS Mask, which specifies the bit positions that are used for

comparison against the IP TOS field in a packet. The TOS Mask value is a

two-digit hexadecimal number from 00 to ff, representing an inverted (i.e.,

wildcard) mask. The zero-valued bits in the TOS Mask denote the bit positions in

the TOS Bits value that are used for comparison against the IP TOS field of a

packet. For example, to check for an IP TOS value having bits 7 and 5 set and bit

1 clear, where bit 7 is most significant, use a TOS Bits value of a0 and a TOS

Mask of 00.

To delete an IP ACL rule, select the check box associated with the rule, and then click

Delete

Click

Cancel

to cancel the configuration on the screen and reset the data on the screen to

the latest value of the switch.

To modify an existing IP Extended ACL rule, click the Rule ID. The number is a hyperlink to

the Extended ACL Rule Configuration page. If the rule is Deny, you can specify the

CPU

Notification Mode

•

Enable. No power is supplied to the port.

•

Disable. When a packet matches the ACL rule, the CPU is not notified, and the port

continues to provide power.

If you modify the rule, click

Apply

to submit the changes to the switch.