Linksys SRW208G, SRW208MP, SRW208L, SRW208P manual Advanced Configuration, ACL MAC based ACL

Page 38

Chapter 5

•• Deny  Drops packets which meet the ACL criteria.

•• Shutdown  Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Management screen.

Protocol  Creates an ACE (Access Control Event) based on a specific protocol.

Select from List  Selects from a protocols list on which ACE can be based. The possible field values are:

•• Any  Matches the protocol to any protocol.

•• EIGRP  Indicates that the Enhanced Interior Gateway Routing Protocol (EIGRP) is used to classify network flows.

•• ICMP  Indicates that the Internet Control Message Protocol (ICMP) is used to classify network flows.

•• IGMP  Indicates that the Internet Group Management Protocol (IGMP) is used to classify network flows.

•• TCP  Indicates that the Transmission Control Protocol is used to classify network flows.

•• OSPF  Matches the packet to the Open Shortest Path First (OSPF) protocol.

•• UDP  Indicates that the User Datagram Protocol is used to classify network flows.

Protocol ID To Match  Adds user-defined protocols to which packets are matched to the ACE. Each protocol has a specific protocol number which is unique. The possible field range is 0-255.

TCP Flags  Filters packets by TCP flag. Filtered packets are either forwarded or dropped. Filtering packets by TCP flags increases packet control, which increases network security. The values that can be assigned are:

•• Set  Enables filtering packets by selected flags.

•• Unset  Disables filtering packets by selected flags.

•• Don’t care  Indicates that selected packets do not influence the packet filtering process.

The TCP Flags that can be selected are: Urg  Indicates the packet is urgent.

Ack  Indicates the packet is acknowledged. Psh  Indicates the packet is pushed.

Rst  Indicates the connection is dropped. Syn  Indicates request to start a session. Fin  Indicates request to close a session.

8-Port 10/100 Ethernet Switch with Webview

Advanced Configuration

Source Port  Defines the TCP/UDP source port to which the ACE is matched. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down menu. The possible field range is 0 - 65535.

Destination Port  Defines the TCP/UDP destination port. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down menu. The possible field range is 0 - 65535.

Source IP Address  Matches the source port IP address to which packets are addressed to the ACE.

Wildcard Mask  Defines the source IP address wildcard mask. Wildcard masks specify which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address 149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are ignored, while the last eight bits are used.

Dest. IP Address  Matches the destination port IP address to which packets are addressed to the ACE.

Wildcard Mask  Defines the destination IP address wildcard mask.

Match DSCP  Matches the packet DSCP value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-63.

Match IP Precedence  Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is 0-7.

The Add to List button adds the configured IP Based ACLs to the IP Based ACL Table at the bottom of the screen.

ACL > MAC based ACL

ACL > MAC based ACL

32

Page 37 Page 39
Image 38
Page 37 Page 39
Contents Port 10/100 Ethernet Switch with Webview Icon Descriptions About This GuideAbout This Guide Online ResourcesTable of Contents Port 10/100 Ethernet Switch with Webview Iii Table of Contents Appendix G Contact Information Appendix B IntroductionAppendix F Regulatory Information Welcome Chapter IntroductionIntroduction SRW208 Front Panel Chapter Product OverviewProduct Overview SRW208G Front PanelSRW208L Front Panel SRW208P/SRW208MP Front PanelBack Panel Positioning the Switch Chapter InstallationInstallation Placement OptionsRack-Mount Placement Wall-Mount Placement Hardware Installation Chapter Configuration Using Console Interface Connecting to the Switch through a Telnet SessionSwitch Main Menu System Configuration MenuManagement Settings SSH Configuration User & Password Settings IP Configuration Https Configuration Port Configuration Port StatusHelp Accessing the Web-based Utility Chapter Advanced ConfigurationAdvanced Configuration Setup SummarySystem Information Setup Network SettingsIP Configuration PoE InformationSetup Time Port Management Port SettingsPort Configuration Detail Port Management Link Aggregation Link Aggregation DetailPort Management PoE Power Settings Port Management LacpSingle Vlan Vlan Management Port SettingsVlan Management Create Vlan Vlan RangeVlan Management Ports to Vlan Vlan Management Vlan to PortsJoin Vlan Detail Vlan Management GvrpStatistics Rmon Statistics Statistics Rmon History Log TableStatistics Rmon Alarms Rmon HistoryStatistics Rmon Events Add EventStatistics Port Utilization Statistics 802.1x StatisticsStatistics Gvrp Statistics ACL IP based ACLACL MAC based ACL Security ACL Binding Security RadiusSecurity TACACS+ Security Ports Security Security 802.1x SettingsSetting Timer Security Multiple Hosts QoS QoS CoS SettingsSecurity Storm Control CoS Default QoS Queue SettingsQoS Dscp Settings QoS BandwidthQoS Basic Mode QoS Advanced ModeNew Class Map Out of Profile DscpPolicy Name New Aggregate Policer Spanning TreeSpanning Tree STP Status Spanning Tree Global STP Global SettingBridge Settings Spanning Tree STP Port Settings Spanning Tree Rstp Port SettingsSpanning Tree Mstp Properties Established by the deviceSpanning Tree Mstp Instance Settings Multicast Igmp Snooping Multicast Bridge Multicast Snmp Global ParametersSnmp Views Snmp Group Profile Snmp Group MembershipSnmp Communities Base TableAdvanced Table Snmp Notification FilterSnmp Notification Recipient Admin User Authentication Admin Static AddressQuery Admin Dynamic AddressAdmin Logging Admin Port Mirroring Admin Cable TestBackup Admin Save ConfigurationAdmin Firmware Upgrade Via TftpAdmin Server Logs Admin RebootAdmin Factory Defaults Admin Memory Logs Admin Flash LogsFiber Optic Cabling Appendix a About Gigabit Ethernet Fiber Optic CablingGigabit Ethernet Startup Menu Procedures Appendix B IntroductionDownloading Using Xmodem Appendix C Glossary GlossaryGlossary Smtp Simple Mail Transfer Protocol The standard e Appendix C Appendix D Specifications SpecificationsQoS Specifications SRW208L SRW208MP Limits Bandwidth Intensive Video Traffic to Only Requestors Support 256 multicast groups Ethernet Exclusions and Limitations Warranty InformationObtaining Warranty Service Warranty Information Technical SupportFCC Statement Safety NoticesRegulatory Information Industry Canada StatementRegulatory Information Appendix F Norsk Norwegian Miljøinformasjon for kunder i EU Appendix F Appendix G Contact Information
Related manuals
Manual 3 pages 51.04 Kb Manual 142 pages 37.07 Kb Manual 3 pages 34.25 Kb
Top Page Image Contents