Select Create ACL | 3Com 2924-PWR instruction

76CHAPTER 4: MANAGING DEVICE SECURITY

wildcard mask matches all IP addresses in the range 149.36.184.0 to 149.36.184.255. A wildcard mask must not contain leading zeroes. For example, a wildcard mask of 010.010.011.010 is invalid, but a wildcard mask of 10.10.11.10 is valid.

■Match DSCP — Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs.

■Match IP Precedence — Matches the packet IP Precedence value to the rule. Either the DSCP value or the IP Precedence value is used to match packets to ACLs.

■Action — Defines the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows:

■Permit — Forwards packets which meet the ACL criteria.

■Deny — Drops packets which meet the ACL criteria.

■Shutdown — Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Administration Setup Page.

To create a new IP-based ACL:

1Select Create ACL.

2Enter the name of the new ACL.

3Click . The new ACL is created, and the device is updated.

To define a new IP-based ACL rule:

1Select Selection ACL.

2Select the ACL from the list.

3Define the fields for the new ACL rule.

4 Click. The new IP-based ACL rule settings are configured, and the device is updated.

Image 76

3Com 2924-PWR manual Select Create ACL

Contents

3Com Baseline Switch 2924-PWR Plus 3Com Corporation Campus Drive Marlborough Overview User GuideManaging System Information Provides information for About this Guide Related ConventionsDocumentation Contents Viewing Basic Settings Configuring Ports Configuring Igmp Snooping Managing Power Over Ethernet Devices Device Specifications and Features Glossary Getting Started Hardware Features 2924-PWR Hardware Features Switch 2924-PWR Plus 24-Port-front panel LED Status IndicatorsDescribes the meanings of the LEDs System Installing Switch Setting Up for Methods of Managing a SwitchManagement Web Interface Management Switch Setup Refer to Setting Up Web Interface Management onRefer to Setting Up Snmp Management V1 or V2 on Snmp Management Initial Switch Setup and Management Flow Diagram Automatic IP Configuration using Dhcp Manual IP Configuration Interface CLI Prerequisites Connecting the Workstation to the Switch Manually set the IP Address using the Console Port IpSetup xxx.xxx.xxx.xxx mmm.mmm.mmm.mmm ggg.ggg.ggg.gggg Getting Started Interface Setting Up WebChoosing a Browser Over the Network \ ping Enter yes and press Return. The system reboots the switch Upgrading Software usingFollowing prompt displays Using the 3COM WEB Interface Accessing the 3Com Web Interface Starting the 3ComWeb Interface Multi-Session Web Connections Enter Network Password Web Interface Understanding 3Com Web Interface 3Com Web Interface Home Web Interface Components Click Device Summary Device View To access the Device RepresentationManagement Buttons Viewing Configuration Information Using ScreenTable Options Adding Configuration Information Click Administration IP Setup. The IP Setup Page opens Modify the fields Click . The access fields are modified System Access Modify System Access Remove Configuration Latest configuration to be saved to the flash memoryTo save the device configuration Click . The configuration is saved Click Administration Reset. The Reset Page opens Resetting the DeviceClick . a confirmation message is displayed User Name and Password Defaults Restoring Factory Logging Off DeviceTo log off the device Click Viewing Basic Settings To view the Device Summary Settings Click Device Summary. The Device Summary Page opensPage Click Device Summary Color Key. The Color Key Page opens Color Key Managing Device Security Managing Device Security System Access Summary To define System Access Interface To modify System Access Click . The Users are deleted, and the device is updated To remove users To configure the Radius client Managing Device Security Defining Port-Based Authentication802.1X Click Security 802.1X Summary. The 802.1X Summary Page opens Defining Port-Based Authentication 802.1X Global Settings Click Security 802.1X Setup. The 802.1X Setup Page opens 802.1X Port Settings Managing Device Security To view MAC Based ACLs MAC Based ACL Summary Click Device ACL MAC Based ACL Setup. The MAC Based ACL To configure MAC-based ACLsMAC Based ACL Setup Page contains the following fields Add Rules to ACL Select Create ACL Modify To modify a MAC-based ACL rule Managing Device Security Click Device ACL MAC Based ACL Remove. The MAC Based ACL MAC Based ACL Remove Page contains the following fields Check Remove ACL IP Based ACL Summary Managing Device Security To configure IP-based ACLs IP Based ACL Setup Managing Device Security Defining Access Control Lists Select Create ACL Modify Rule IP Based ACL Modify Managing Device Security Defining Access Control Lists Click Device ACL IP Based ACL Remove. The IP Based ACL IP Based ACL Remove Updated ACL Binding Summary ACL Binding Setup To define ACL Binding To remove ACL Binding ACL Binding Remove Managing Device Security Broadcast Storm Setup To define Broadcast Storm Traffic Information Device View Managing System Information Page To configure the System Name System Name Local Settings Enabled on the deviceTo configure the System Time System Time Setup Page contains the following fields Managing System Information Page Monitor users have no access to this To reset the device configuration Define the fields Click or . The device is reset Configuring Ports Page To view Port Settings Port Administration Summary 101 To configure Port Settings Port Administration Setup 103 Click Port Administration Detail. The Port Detail Page opens To view Port Details 105 Aggregating Ports Link Aggregation Summary Blue Displays a member of the aggregation being created To create Link AggregationDeselected ports Summary Link Aggregation Modify Page includes the following fields To modify Link AggregationBlue Displays a member of the modified aggregation Summary To remove Link Aggregation Link Aggregation Remove Page includes the following fields Lacp Summary Lacp Modify 115 Configuring Vlans Click Device Vlan Vlan Detail. The Vlan Detail Page opens Vlan Vlan Port Detail Click Device Vlan Setup. The Vlan Setup Page opens Vlan Setup Page contains the following fieldsCreate To create VLANs Rename Vlan To edit Vlan Settings Click Device Vlan Modify VLAN. The Modify Vlan Page opens Configuring Vlans To modify Port Vlan Settings Modify Vlan Port To delete VLANs Click Device Vlan Remove. The Vlan Remove Page opens Address Information IP Setup Page contains the following fields To define an IP interface Configuring ARP Settings ARP Settings Summary To configure ARP entries ARP Settings Setup ARP Settings Remove To remove ARP entries Configuring ARP Settings Configuring Address TablesDatabases is forwarded immediately to the port. The Dynamic Traffic is seen for a certain period, are erased Table Settings To view address table settings Port Summary Configuring Address Tables Address Table To add MAC addresses to the Address Table Configuring Address Tables Address Table Setup Page contains the following field To define the Aging Time To remove ports Port Remove Configuring IP and MAC Address Information To remove MAC addresses from the Address Table Address Table Remove Configuring IP and MAC Address Information Configuring Igmp Snooping Click Device Igmp Snooping Setup. The Igmp Snooping Setup To configure Igmp SnoopingOpens Select Enable or Disable from the Igmp Status list Configuring Spanning Tree Spanning Tree Summary Configuring Spanning Tree 149 To configure Spanning Tree Setup Global SettingsSpanning Tree Setup Page contains the following fields Bridge Settings Designated Root To modify Spanning Tree Spanning Tree Modify Configuring Spanning Tree Configuring Snmp Snmp version Snmp version 2c Snmp Communities Setup To define Snmp communities Snmp Management Insert New Community Enables adding an Snmp communityCommunity String To remove Snmp communities Snmp Communities Remove Snmp Traps Setup To define Snmp traps To remove Snmp traps Snmp Traps Remove Snmp Traps Remove Page contains the following fields Service Click Device QoS CoS Summary. The CoS Summary Page opens CoS Summary To configure CoS Settings Click Device QoS CoS Setup. The CoS Setup Page opens CoS to Queue Summary To configure CoS values to queues CoS to Queue Setup Can be assigned to queue To view the Dscp Queue Dscp to Queue Summary Be assigned to queue To map CoS to Queues Click Device QoS Trust Setup. The Trust Setup Page opens Trust Setup Ingress Rate Limit Bandwidth Summary Egress Shaping Rates To configure Bandwidth Settings Bandwidth Setup Page contains the following fields Egress Shaping Rate Defining Voice Received unevenly. The system supports one Voice VlanThere are two operational modes for IP Phones Tagged packets are used for all communications Voice Vlan Summary Voice Vlan Setup Voice Vlan Port Setup Device is updated Defining Voice Vlan To view Voice Vlan Port Detail Settings Voice Vlan Port Details OUI List To view Voice Vlan OUI SettingsVoice Vlan OUI Summary Page contains the following fields Voice Vlan OUI Modify Page contains the following fields Voice Vlan OUI Modify Defining Voice Vlan Managing System Files 185 Configuration Upload To backup System files Configuration Download To restore System files To download the software image Software Download Active Image Page contains the following fields Active Image Ethernet Devices Device Power Display Port PoE Summary Page displays the following information Ports Power Display Click Port PoE Setup. The Port PoE Setup Page opens Managing Power Over Ethernet Devices Managing System Logs System Log Severity Levels To view Logging Logging Display Logging Setup To define Log Parameters Managing System Logs 199 Viewing Statistics To view Rmon statistics Port Statistics Summary Viewing Statistics 203 Managing Device Diagnostics Configuring Port Mirroring To enable port mirroring Port Mirroring Setup Configuring Port Mirroring To remove port mirroring Port Mirroring Remove Diagnostics To view cables diagnosticsViewing Cable Copper cable attached to a port Managing Device Diagnostics Diagnostics To test cables 3Com Network Supervisor Access Manager Director HP OpenView Network NodeManager Application such as 3Com Enterprise Management Suite EMS Environmental Physical Features of the Baseline Switch 2924-PWR Plus Electrical Switch Features Interface with Crossover Mdix SSL Vlan PC-AT Serial Cable Null Modem Cable RJ-45 to RS-232 25-pin Ethernet Port RJ-45 Pin Assignments 10/100 and 1000BASE-T RJ-45 connections Ethernet Port RJ-45 Pin Assignments Troubleshooting ProblemSolutions Problems Possible Cause Solution Contact 3Com Getting Started With the CommandLine Interface CLI Commands Sessions User Guidelines Syntax Default ConfigurationExample Syntax Parameters Syntax Summary Default Configuration Summary No default IP address is defined for interfaces Following example displays an IP address configured manually Upgrade Tftp Server IP AddressDestination File NameFile Type Syntax Initialize Syntax Reboot Logout The Logout command terminates the CLI session Syntax Logout Default Configuration Password The Password command changes the user’s password Syntax Password Default Configuration Access Control List Address ResolutionBoot Protocol Service Dscp 239 Group LAG Link Aggregation See Port Trunk MIB Port Authentication See Ieee Authentication Terminal AccessController Access Remote 243 Service Benefits Solve Problems OnlineWarranty Services Access Software DownloadsContact Us Support and Repair Country Telephone Number US and Canada Telephone Technical Support and Repair 800 876 Regulatory Notices