Add Rules to ACL | 3Com 2924-PWR manual

Defining Access Control Lists

65

■Selection ACL — Selects an existing MAC-based ACL to which rules are to be added.

■Create ACL — Defines a new user-defined MAC-based Access Control List.

Add Rules to ACL

■Priority — Sets the rule priority, which determines which rule is matched to a packet on a first-match basis. The possible field values are 1-2147483647.

■Source MAC Address — Matches the source MAC address to which packets are addressed to the rule.

■Source Mask — Defines the source MAC Address wildcard mask. Wildcards are used to mask all or part of a source MAC address. Wildcard masks specify which bits are used and which are ignored. A wildcard mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard of 00.00.00.00.00.00.00 indicates that all bits are important. For example, if the source MAC address is 00:AB:22:11:33:00 and the wildcard mask is 00:00:00:00:00:FF, the first five bytes of the MAC are used, while the last byte is ignored. For the source MAC address 00:AB:22:11:33:00, this wildcard mask matches all MAC addresses in the range 00:AB:22:11:33:00 to 00:AB:22:11:33:FF.

■Destination MAC Address — Matches the destination MAC address to which packets are addressed to the rule.

■Destination Mask — Defines the destination MAC Address wildcard mask. Wildcards are used to mask all or part of a destination MAC address. Wildcard masks specify which bits are used and which are ignored. A wildcard mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard mask of 00.00.00.00.00.00 indicates that all bits are important. For example, if the destination MAC address is 00:AB:22:11:33:00 and the wildcard mask is 00:00:00:00:00:FF, the first five bytes of the MAC are used, while the last byte is ignored. For the destination MAC address 00:AB:22:11:33:00, this wildcard mask matches all MAC addresses in the range 00:AB:22:11:33:00 to 00:AB:22:11:33:FF.

■VLAN ID — Matches the packet's VLAN ID to the rule. The possible field values are 1 to 4093.

■

■

CoS — Classifies traffic based on the CoS tag value.

CoS Mask — Defines the CoS mask used to classify network traffic.

Image 65

3Com 2924-PWR manual Add Rules to ACL

Contents

3Com Baseline Switch 2924-PWR Plus 3Com Corporation Campus Drive Marlborough Managing System Information Provides information for User GuideOverview About this Guide Documentation ConventionsRelated Contents Viewing Basic Settings Configuring Ports Configuring Igmp Snooping Managing Power Over Ethernet Devices Device Specifications and Features Glossary Getting Started Hardware Features Hardware Features 2924-PWR Switch 2924-PWR Plus 24-Port-front panel Describes the meanings of the LEDs IndicatorsLED Status System Switch Installing Methods of Managing a Switch Setting Up forManagement Web Interface Management Refer to Setting Up Web Interface Management on Switch SetupRefer to Setting Up Snmp Management V1 or V2 on Snmp Management Initial Switch Setup and Management Flow Diagram Manual IP Configuration Automatic IP Configuration using Dhcp Prerequisites Interface CLI Manually set the IP Address using the Console Port Connecting the Workstation to the Switch IpSetup xxx.xxx.xxx.xxx mmm.mmm.mmm.mmm ggg.ggg.ggg.gggg Getting Started Choosing a Browser Setting Up WebInterface \ ping Over the Network Following prompt displays Upgrading Software usingEnter yes and press Return. The system reboots the switch Using the 3COM WEB Interface Starting the 3Com Accessing the 3Com Web InterfaceWeb Interface Multi-Session Web Connections Web Interface Enter Network Password 3Com Web Interface Home Understanding 3Com Web Interface Web Interface Components Management Buttons To access the Device RepresentationClick Device Summary Device View Table Options Using ScreenViewing Configuration Information Click Administration IP Setup. The IP Setup Page opens Adding Configuration Information System Access Modify Modify the fields Click . The access fields are modified System Access Remove Latest configuration to be saved to the flash memory ConfigurationTo save the device configuration Click . The configuration is saved Click . a confirmation message is displayed Resetting the DeviceClick Administration Reset. The Reset Page opens User Name and Password Restoring Factory Defaults Device Logging OffTo log off the device Click Viewing Basic Settings Click Device Summary. The Device Summary Page opens To view the Device Summary SettingsPage Color Key Click Device Summary Color Key. The Color Key Page opens Managing Device Security Managing Device Security System Access Summary Interface To define System Access To modify System Access To remove users Click . The Users are deleted, and the device is updated To configure the Radius client Managing Device Security 802.1X AuthenticationDefining Port-Based Click Security 802.1X Summary. The 802.1X Summary Page opens Defining Port-Based Authentication Click Security 802.1X Setup. The 802.1X Setup Page opens 802.1X Global Settings 802.1X Port Settings Managing Device Security MAC Based ACL Summary To view MAC Based ACLs MAC Based ACL Setup Page contains the following fields To configure MAC-based ACLsClick Device ACL MAC Based ACL Setup. The MAC Based ACL Add Rules to ACL Select Create ACL To modify a MAC-based ACL rule Modify Managing Device Security MAC Based ACL Remove Page contains the following fields Click Device ACL MAC Based ACL Remove. The MAC Based ACL Check Remove ACL IP Based ACL Summary Managing Device Security IP Based ACL Setup To configure IP-based ACLs Managing Device Security Defining Access Control Lists Select Create ACL IP Based ACL Modify Modify Rule Managing Device Security Defining Access Control Lists Click Device ACL IP Based ACL Remove. The IP Based ACL IP Based ACL Remove Updated ACL Binding Summary To define ACL Binding ACL Binding Setup ACL Binding Remove To remove ACL Binding Managing Device Security To define Broadcast Storm Traffic Broadcast Storm Setup Information Device View Managing System Information Page System Name To configure the System Name Enabled on the device Local SettingsTo configure the System Time System Time Setup Page contains the following fields Managing System Information Page Monitor users have no access to this Define the fields Click or . The device is reset To reset the device configuration Configuring Ports Page Port Administration Summary To view Port Settings 101 Port Administration Setup To configure Port Settings 103 To view Port Details Click Port Administration Detail. The Port Detail Page opens 105 Aggregating Ports Link Aggregation Summary Deselected ports To create Link AggregationBlue Displays a member of the aggregation being created Summary Blue Displays a member of the modified aggregation To modify Link AggregationLink Aggregation Modify Page includes the following fields Summary Link Aggregation Remove Page includes the following fields To remove Link Aggregation Lacp Summary Lacp Modify 115 Configuring Vlans Vlan Click Device Vlan Vlan Detail. The Vlan Detail Page opens Vlan Port Detail Vlan Setup Page contains the following fields Click Device Vlan Setup. The Vlan Setup Page opensCreate To create VLANs Rename Vlan Click Device Vlan Modify VLAN. The Modify Vlan Page opens To edit Vlan Settings Configuring Vlans Modify Vlan Port To modify Port Vlan Settings Click Device Vlan Remove. The Vlan Remove Page opens To delete VLANs Address Information To define an IP interface IP Setup Page contains the following fields Configuring ARP Settings ARP Settings Summary ARP Settings Setup To configure ARP entries To remove ARP entries ARP Settings Remove Configuring ARP Settings Address Tables ConfiguringDatabases is forwarded immediately to the port. The Dynamic Traffic is seen for a certain period, are erased To view address table settings Table Settings Port Summary Configuring Address Tables To add MAC addresses to the Address Table Address Table Configuring Address Tables To define the Aging Time Address Table Setup Page contains the following field Port Remove To remove ports Configuring IP and MAC Address Information Address Table Remove To remove MAC addresses from the Address Table Configuring IP and MAC Address Information Configuring Igmp Snooping Opens To configure Igmp SnoopingClick Device Igmp Snooping Setup. The Igmp Snooping Setup Select Enable or Disable from the Igmp Status list Configuring Spanning Tree Spanning Tree Summary Configuring Spanning Tree 149 Spanning Tree Setup Page contains the following fields Global SettingsTo configure Spanning Tree Setup Bridge Settings Designated Root Spanning Tree Modify To modify Spanning Tree Configuring Spanning Tree Snmp version Snmp version 2c Configuring Snmp To define Snmp communities Snmp Communities Setup Community String Insert New Community Enables adding an Snmp communitySnmp Management Snmp Communities Remove To remove Snmp communities To define Snmp traps Snmp Traps Setup Snmp Traps Remove To remove Snmp traps Snmp Traps Remove Page contains the following fields Service CoS Summary Click Device QoS CoS Summary. The CoS Summary Page opens Click Device QoS CoS Setup. The CoS Setup Page opens To configure CoS Settings CoS to Queue Summary CoS to Queue Setup To configure CoS values to queues Dscp to Queue Summary Can be assigned to queue To view the Dscp Queue To map CoS to Queues Be assigned to queue Trust Setup Click Device QoS Trust Setup. The Trust Setup Page opens Bandwidth Summary Ingress Rate Limit Egress Shaping Rates Bandwidth Setup Page contains the following fields To configure Bandwidth Settings Egress Shaping Rate Received unevenly. The system supports one Voice Vlan Defining VoiceThere are two operational modes for IP Phones Tagged packets are used for all communications Voice Vlan Summary Voice Vlan Setup Voice Vlan Port Setup Device is updated Defining Voice Vlan Voice Vlan Port Details To view Voice Vlan Port Detail Settings Voice Vlan OUI Summary Page contains the following fields To view Voice Vlan OUI SettingsOUI List Voice Vlan OUI Modify Voice Vlan OUI Modify Page contains the following fields Defining Voice Vlan Managing System Files 185 To backup System files Configuration Upload To restore System files Configuration Download Software Download To download the software image Active Image Active Image Page contains the following fields Ethernet Devices Port PoE Summary Page displays the following information Device Power Display Ports Power Display Click Port PoE Setup. The Port PoE Setup Page opens Managing Power Over Ethernet Devices System Log Severity Levels Managing System Logs Logging Display To view Logging To define Log Parameters Logging Setup Managing System Logs 199 Viewing Statistics Port Statistics Summary To view Rmon statistics Viewing Statistics 203 Managing Device Diagnostics Configuring Port Mirroring Port Mirroring Setup To enable port mirroring Configuring Port Mirroring Port Mirroring Remove To remove port mirroring To view cables diagnostics DiagnosticsViewing Cable Copper cable attached to a port Managing Device Diagnostics To test cables Diagnostics Supervisor 3Com Network Director Access Manager Network Node HP OpenViewManager Application such as 3Com Enterprise Management Suite EMS Physical Environmental Electrical Features of the Baseline Switch 2924-PWR Plus Switch Features Interface with Crossover Mdix SSL Vlan Null Modem Cable RJ-45 to RS-232 25-pin PC-AT Serial Cable 10/100 and 1000BASE-T RJ-45 connections Ethernet Port RJ-45 Pin Assignments Ethernet Port RJ-45 Pin Assignments Solutions ProblemTroubleshooting Problems Possible Cause Solution Contact 3Com Line Interface With the CommandGetting Started Sessions CLI Commands Example Syntax Default ConfigurationUser Guidelines Parameters Syntax Summary Syntax Summary Default Configuration Following example displays an IP address configured manually No default IP address is defined for interfaces Upgrade Tftp Server IP AddressDestination File NameFile Type Syntax Initialize Syntax Reboot Syntax Logout Default Configuration Logout The Logout command terminates the CLI session Syntax Password Default Configuration Password The Password command changes the user’s password Address Resolution Access Control ListBoot Protocol Service Dscp 239 MIB Group LAG Link Aggregation See Port Trunk Port Authentication See Ieee Terminal Access AuthenticationController Access Remote 243 Solve Problems Online Service BenefitsWarranty Services Downloads Access SoftwareContact Us Support and Repair Country Telephone Number US and Canada Telephone Technical Support and Repair 800 876 Regulatory Notices