Netgear GS752TP GS728TP/GS728TPP/GS752TP Software Administration Manual - Page 258

GS752TP, GS728TP, and GS728TPP Gigabit Smart Switches 1. In the IP ACL screen, create an IP ACL with an IP ACL ID of 1. For more information, see IP ACL on page 196. 2. In the IP Rules screen, create a rule for IP ACL 1 with the following settings: • Rule ID. 1 • Action. Deny • Match Every. False • Source IP Address. 192.168.187.0 • Source IP Mask. 255.255.255.0 For more information about IP ACL rules, see IP Rules on page 198. 3. Click Add. 4. In the IP Rules screen, create a second rule for IP ACL 1 with the following settings: • Rule ID. 2 • Action. Permit • Match Every. True 5. Click Add. 6. In the IP Binding Configuration screen, assign ACL ID 1 to the Ethernet ports 2, 3, and 4, and assign a sequence number of 1. For more information, see IP Binding Configuration on page 205. By default, this IP ACL is bound on the inbound direction, so it examines traffic as it enters the switch. 7. Click APPLY. 8. Use the IP Binding Table screen to view the interfaces and IP ACL binding information. For more information, see IP Binding Table on page 206. The IP ACL in this example matches all packets with the source IP address and subnet mask of the Finance department network and denies it on the Ethernet interfaces 2, 3, and 4 of the switch. The second rule permits all non-Finance traffic on the ports. The second rule is required because there is an explicit deny all rule as the lowest priority rule. Configuration Examples 258