Manuals / 3Com / Computer Equipment / Switch

3Com 3CRDSF9PWR manual Add Rules to ACL, Select Create ACL

Models: 3CRDSF9PWR

1 256

Download 256 pages 60.62 Kb

Page 85

Defining Access Control Lists

85

Add Rules to ACL

■

■

■

■

Source MAC Address — Matches the source MAC address to which packets are addressed.

Source Mask — Defines the source MAC Address wildcard mask. Wildcards are used to mask all or part of a source MAC address. Wildcard masks specify which bits are used and which are ignored. A wildcard mask of FF:FF:FF:FF:FF:FF indicates that all the bits are important. A wildcard of 00.00.00.00.00.00.00 indicates that no bits are important. For example, if the source MAC address is 00:AB:22:11:33:00 and the wildcard mask is FF:FF:FF:FF:FF:00, the first five bytes of the MAC are used, while the last byte is ignored. For the source MAC address 00:AB:22:11:33:00, this wildcard mask matches all MAC addresses in the range 00:AB:22:11:33:00 to 00:AB:22:11:33:FF.

Destination MAC Address — Matches the destination MAC address to which packets are addressed.

Destination Mask — Defines the destination MAC Address wildcard mask. Wildcards are used to mask all or part of a destination MAC address. Wildcard masks specify which bits are used and which are ignored. For more details, refer to the description for Source Mask.

■VLAN ID — Matches the packet's VLAN ID. The possible field values are 0 to 4095.

■CoS — Classifies traffic based on the CoS tag value. The possible field values are 0 to 7.

■CoS Mask — Defines the CoS mask used to classify network traffic. The possible field values are 0 to 7.

■Ethertype — Provides an identifier that differentiates between various types of protocols. The range is 0-65535decimal.

■Action — Specifies the ACL forwarding action. The options are as follows:

■Permit — Forwards packets which meet the ACL criteria.

■Deny — Drops packets which meet the ACL criteria.

To create a new MAC-based ACL:

1Select Create ACL.

2Enter the name of the new ACL.

3Click . The new ACL is created, and the device is updated.

Image 85

3Com 3CRDSF9PWR manual Add Rules to ACL, Select Create ACL

Contents

3Com OfficeConnect Managed PoE Switch 3Com Corporation Campus Drive Marlborough Overview User GuideManaging System Information Provides information for About this Guide Related ConventionsDocumentation Lists conventions that are used throughout this guideAbout this Guide Contents Viewing Basic Settings Configuring Ports Configuring Igmp Snooping Managing System Files -O UTS Managing Device DiagnosticsTroubleshooting Page Getting Started About SwitchOfficeConnect Managed FastOfficeConnect Managed Fast Ethernet PoE Switch-front panel OfficeConnect Managed Fast Ethernet PoE switch provides LED IndicatorsLED Status Describes the meanings of the LEDsFast Ethernet PoE switch SpecificationsSystem Installing Methods of Managing a Switch Setting Up forManagement Refer to Setting Up Command Line Interface Management on Refer to Setting Up Web Interface Management onRefer to Setting Up Snmp Management V1 or V2 on Switch SetupConfigure IP information manually for your switch or view Automatically configured IP informationInitial Switch Setup and Management Flow Diagram Manual IP Configuration Automatic IP Configuration using DhcpPrerequisites Interface CLIManually set the IP Address using the Console Port Connecting the Workstation to the SwitchConsole#configure Console#show ip interface Interface Setting Up WebChoosing a Browser Command Line Setting UpInterface Management Over the NetworkWhere xxx.xxx.xxx.xxx is the IP address of the switch Network Using TelnetDefault Users Upgrading Software usingFollowing prompt displays Enter y and press Return. The system reboots the switchUsing the 3COM WEB Interface Starting the 3Com Accessing the 3Com Web InterfaceWeb Interface Multi-Session Web ConnectionsWeb Interface Enter Network Password3Com Web Interface Home Understanding 3Com Web InterfaceInterface Components View Description Following table lists the user interface componentsClick Device Summary Device View To access the Device RepresentationManagement Buttons To view configuration information Using ScreenTable Options IP Setup Click Administration IP Setup. The IP Setup Page opensSystem Access Modify Modify the fields Click . The access fields are modifiedConfiguration to be saved to the flash memory ConfigurationTo save the device configuration Click . The configuration is savedClick Administration Reset. The Reset Page opens Resetting the DeviceClick . a confirmation message is displayed Password is displayed Reboot in 15 secondsClick Restores device factory defaults DefaultsTo restore the device Restoring FactoryDevice Logging OffTo log off the device Following message appearsViewing Basic Settings Device Summary Page contains the following fields To view the Device Summary SettingsPolling Interval Polling Interval Page contains the following fieldsColor Key Click Device Summary Color Key. The Color Key Page opensManaging Device Security Managing Device Security System Access Summary Interface To define System AccessTo modify System Access To remove users Click . The Users are deleted, and the device is updatedTo configure the Radius client Managing Device Security Defining Port-Based Authentication802.1X Click Security 802.1X Summary. The 802.1X Summary Page opens Defining Port-Based Authentication Port Settings 802.1X System SettingClick Security 802.1X Setup. The 802.1X Setup Page opens Defining Port-Based Authentication Local Database DefiningForwarded on to the originally requested web To configure Local Database Settings AuthenticationLocal Database Setup Page contains the following fields Local Database Port Detail Local Database Port Setup Page contains the following fields User Name The name of users stored in the local database To display the users stored in the Local DatabaseCreate a User To create user entries in the Local DatabaseSummary Local Database User Modify Local Database User Remove To remove a user entry from the Local DatabaseConnection to EncryptingClient and server establish a secure encrypted connection To configure Https settingsHttps//deviceportnumber Disabled Https is disabled on the deviceHttps Download Certificate Managing Device Security Switch supports both SSH Version 1.5 and 2.0 clients Click Security SSH Host Key. The SSH Host Key Page opens To view the DSA and RSA keysSSH Host Key Page contains the following fields SSH Key Generate Must use this web page to create a public host keyAccess Control Lists ACLs allow network managers to define Defining AccessControl Lists Filters that determine traffic classificationsMAC Based ACL Summary Click Device ACL MAC Based ACL Setup. The MAC Based ACL To configure MAC-based ACLsSelect Create ACL Add Rules to ACLClick Device ACL MAC Based ACL Remove. The MAC Based ACL To define a new MAC-based ACL ruleCheck Remove ACL IP Based ACL Summary Defining Access Control Lists Click Device ACL IP Based ACL Setup. The IP Based ACL Setup To configure IP-based ACLsOpens Add Rules to ACL Managing Device Security Click Device ACL IP Based ACL Remove. The IP Based ACL To create a new IP-based ACLUpdated ACL Binding Summary To define ACL Binding ACL Binding SetupACL Binding Remove To remove ACL BindingManaging Device Security To display the storm control settings SettingsStorm Control For all portsTo configure Broadcast Storm Control ConfiguringControl Define the relevant fieldsUsing Broadcast Storm Control Managing Device Security Information Device View Viewing System Description System settings. The section includes the following topics SettingsConfiguring the System Name Configuring System TimeDevice To configure the System NameSystem Time Setup To configure the System TimeDefining System Settings Saved to the flash memory Saving the DeviceTo reset the device configuration Managing System Information Configuring Ports Port Administration Summary 115 Port Administration Setup To configure Port Settings117 Click Port Administration Detail. The Port Detail Page opens 119 Configuring Ports Aggregating Ports Link Aggregation Summary Blue Displays a member of the aggregation being created To create Link AggregationDeselected ports SummaryLink Aggregation Modify Page includes the following fields To modify Link AggregationBlue Displays a member of the modified aggregation Summary Link Aggregation Remove Page includes the following fields To remove Link AggregationLacp Summary Lacp Modify Aggregating Ports Configuring Vlans Vlan Click Device Vlan Vlan Detail. The Vlan Detail Page opensVlan Port Detail Vlan Setup Page contains the following fields Click Device Vlan Setup. The Vlan Setup Page opensCreate VLANs To create VLANsClick Device Vlan Rename. The Vlan Rename Page opens To rename VLANsClick Device Vlan Modify VLAN. The Modify Vlan Page opens To edit Vlan Settings137 Click Device Vlan Modify Port. The Modify Port Page opens To modify Port Vlan SettingsClick Device Vlan Remove. The Vlan Remove Page opens To delete VLANsConfiguring Vlans Address Information Defining IP IP Setup Page contains the following fieldsAddressing To define an IP interfaceConfiguring ARP Settings ARP Settings Summary ARP Settings Setup To configure ARP entriesTo remove ARP entries ARP Settings RemoveConfiguring ARP Settings Configuring IP and MAC Address Information To view address table settings Table SettingsPort Summary Configuring Igmp Snooping Click Device Igmp Snooping Setup. The Igmp Snooping To configure Igmp SnoopingVlan Settings Configuring Igmp Snooping Configuring Spanning Tree Spanning Tree Summary 157 Spanning Tree To configure Spanning Tree Setup159 To modify Spanning Tree Spanning Tree Port SetupRecommended STA Path Cost Range Configuring Spanning Tree Snmp version Snmp version 2c Configuring SnmpTo set the operational status for Snmp Click Administration Snmp Setup. The Snmp Setup Page opensTo define Snmp communities Click Administration Snmp Snmp Add. The Snmp Add Page opensSnmp Trap Community StringSnmp Add Page contains the following fields Removing Snmp Remove Community StringCommunities To remove Snmp communities or trapsRemove Snmp Trap Service CoS Summary Click Device QoS CoS Summary. The CoS Summary Page opensClick Device QoS CoS Setup. The CoS Setup Page opens To configure CoS SettingsClick Device QoS Queue. The Queue Setup Page opens To configure the queue modeCoS to Queue Summary With 0 representing the lowest queue and 3 as the highest To configure CoS values to queuesDscp to CoS Summary To view the Dscp to CoS mappingTo map Dscp to CoS values Dscp to CoS SetupTrust Setup Page contains the following fields Click Device QoS Trust Setup. The Trust Setup Page opensBandwidth Summary Ingress Rate LimitEgress Shaping Rates Bandwidth Setup Page contains the following fields To configure Bandwidth SettingsBe applied to the egress traffic on a specified interface Egress Shaping Rate Configuring Quality of Service Voice Vlan Summary Voice Vlan Setup To configure Voice Vlan SettingsVoice Vlan is defined, and the device is Voice Vlan Port Setup To configure Voice Vlan port settingsDevice is updated Port Definitions To view Voice Vlan Port Detail SettingsFor specific ports Configuring Voice Vlan OUI List To view Voice Vlan OUI SettingsVoice Vlan OUI Summary Page contains the following fields Voice Vlan OUI Modify Page contains the following fields To modify Voice Vlan OUI SettingsConfiguring Quality of Service Managing System Files Managing System Files To backup System files Configuration UploadTo restore System files Configuration DownloadSoftware RestoringTo download the software image Software DownloadManaging System Files Ethernet Devices Port PoE Summary Page displays the following information Device Power DisplayPort Power Display Click Port PoE Setup. The Port PoE Setup Page opens To configure Port PoE Settings203 Managing Power Over Ethernet Devices System Log Severity Levels Managing System LogsLogging Display To view LoggingTo define Log Parameters Logging Setup Page contains the following fieldsManaging System Logs Viewing Statistics Port Statistics Summary To view port statisticsPort Statistics Summary Page Field Description Port Statistics Summary Page Field Description 213 Port Statistics Summary Page Field Description Managing Device Diagnostics Port mirroring is not supported for trunk ports Port Mirroring Setup To enable port mirroringManaging Device Diagnostics Port Mirroring Remove To remove port mirroringCable Diagnostics Summary To view cables diagnosticsConfiguring Cable Diagnostics To test cables DiagnosticsPinging Another Using the command line interface to ping another deviceRequest packets to another node on the network Press Esc to stop pinging Supervisor 3Com NetworkDirector Access ManagerNetwork Node HP OpenViewManager Application such as 3Com Enterprise Management Suite EMSAppendix a 3COM Network Management Physical EnvironmentalElectrical Feature DescriptionSwitch Features Interface with Crossover Mdix SSL Appendix B Device Specifications and Features Null Modem Cable RJ-45 to RS-232 25-pin PC-AT Serial Cable10/100 and 1000BASE-T RJ-45 connections Ethernet Port RJ-45 Pin AssignmentsEthernet Port RJ-45 Pin Assignments Appendix C PIN-OUTS Troubleshooting ProblemSolutions Problems Possible Cause Solution No connection and the port LED is off Lost PasswordProblems Possible Cause Solution Appendix D Troubleshooting Address Resolution Access Control ListBoot Protocol Service DscpAppendix E Glossary Ieee Ieee 802.3uIgmp Snooping Igmp QueryLink Aggregation See Port Trunk Port Authentication See IeeeRemote Monitoring RemoteProtocol Rstp Secure Shell SSHThough located on the same LAN Byte blocks and error-correctedXModem Register Your Service BenefitsProduct to Gain TTroubleshootServices WarrantyAccess Software Purchase ExtendedContact Us Must apply for a user name and passwordNext section Directory of 3Com resources by region at00800 4411 Contact Us Appendix F Obtaining Support for Your 3COM Products Regulatory Notices