Configuring ACLs

Configuring a MAC ACL Mask - Web

Configure the mask to match the required rules in the MAC ingress or egress ACLs. Set the mask to check for any source or destination address, a host address, or an address range.

Use a bitmask to search for specific VLAN ID(s) or Ethernet type(s). Or check for rules where a packet format was specified. Then click Add.

FIG. 81 Configuring a MAC based ACL

Configuring a MAC ACL Mask - CLI

This example shows how to create an Ingress MAC ACL and bind it to a port. You can then see that the order of the rules have been changed by the mask.

Console(config)#access-list mac M4 Console(config-mac-acl)#permit any any

Console(config-mac-acl)#denytagged-eth200-11-11-11-11-11ff-ff-ff-ff-ff-ffanyvid3 278

Console(config-mac-acl)#end Console#show access-list MAC access-list M4:

permit any any

deny tagged-eth2 host 00-11-11-11-11-11 any vid 3 Console(config)#access-list mac mask-precedence in Console(config-mac-mask-acl)#mask pktformat ff-ff-ff-ff-ff-ff any vid Console(config-mac-mask-acl)#exit

Console(config)#interface ethernet 1/12 Console(config-if)#mac access-group M4 in Console(config-if)#end

Console#show access-list MAC access-list M4:

deny tagged-eth2 host 00-11-11-11-11-11 any vid 3 permit any any

MAC ingress mask ACL:

mask pktformat host any vid Console#

Binding a Port to an Access Control List - Web

After configuring the Access Control Lists (ACL), you can bind the ports that need to filter traffic to the appropriate ACLs. You can only bind a port to one ACL for each basic type – IP ingress, IP egress, MAC ingress and MAC egress.

Command Usage

This switch supports ACLs for both ingress and egress filtering. However, you can only bind one IP ACL and one MAC ACL to any port for ingress filtering, and one IP ACL and one MAC ACL to any port for egress filtering. In other words, only four ACLs can be bound to an interface – Ingress IP ACL, Egress IP ACL, Ingress MAC ACL and Egress MAC ACL.

When an ACL is bound to an interface as an egress filter, all entries in the ACL must be deny rules. Otherwise, the bind operation will fail.

NXA-ENET24 - Software Management Guide

81

 

 

Page 101
Image 101
AMX NXA-ENET24 manual Configuring a MAC ACL Mask Web, Configuring a MAC ACL Mask CLI

NXA-ENET24 specifications

The AMX NXA-ENET24 is a versatile and powerful networked control interface designed to meet the growing demands of modern AV systems. This network switch offers an exceptional combination of reliability, performance, and scalability, making it an ideal choice for professional environments such as conference rooms, educational facilities, and control rooms.

One of the key features of the NXA-ENET24 is its 24-port configuration, allowing for extensive connectivity options. Each port supports 10/100/1000 Mbps speeds, ensuring that high bandwidth applications are handled with ease. Additionally, the switch incorporates advanced auto-negotiation technology, which automatically configures the optimal speed and duplex mode for connected devices. This ensures seamless connectivity and minimizes the risk of network disruptions.

The NXA-ENET24 is designed with advanced management capabilities, including support for VLANs, which helps to segment network traffic for enhanced security and performance. Network administrators can easily create virtual local area networks to optimize traffic flow and reduce congestion. This feature is particularly beneficial in environments where multiple AV systems operate concurrently.

Another significant characteristic of the NXA-ENET24 is its support for Power over Ethernet, or PoE. This feature enables the switch to deliver electrical power alongside data through the network cables. As a result, devices such as IP cameras, VoIP phones, and wireless access points can be powered directly from the switch, simplifying deployment and reducing the need for additional power sources.

Monitoring and management of the switch are made easier through a user-friendly interface. The NXA-ENET24 supports SNMP for network management, allowing users to monitor performance metrics, configure settings, and receive alerts in case of issues. This level of oversight is crucial for maintaining the stability of AV systems in mission-critical applications.

Durability is another hallmark of the NXA-ENET24 design. The switch features a robust chassis that is engineered to withstand the rigors of professional use. With cooling mechanisms in place and a fanless design, the NXA-ENET24 operates quietly and efficiently, making it suitable for environments where noise is a concern.

In conclusion, the AMX NXA-ENET24 is a powerful, reliable, and feature-rich network switch that effectively supports modern AV applications. With its extensive connectivity options, advanced management capabilities, PoE support, and durable design, it is an excellent choice for integrators and organizations looking to optimize their network infrastructure.