Chapter 3: Configuration
3.2.3 Access Control List
This section describes how to configure Access Control List (ACL) rules. An ACL is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. The switch tests ingress packets against the conditions in an ACL one by one. A packet is accepted as soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no rules match, the frame is accepted. Other actions can also be invoked when a matching packet is found, including rate limiting, copying matching packets to another port or to the system log, or shutting down a port.
This page shows the Access Control List (ACL), which is made up of the Access Control Entries (ACEs) defined on this switch. Each row describes one defined ACE. The maximum number of ACEs is 256 on each switch. Click the lowest plus sign to add a new ACE to the list. The reserved ACEs used for internal protocols cannot be edited or deleted, their order cannot be changed, and they have the highest priority.
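The evaluation order described above, modelled as an added example (not code from the switch or from this manual): ACEs here match on source IPv4 network only, and the `Ace`, `evaluate` and `shadowed` names and the sample addresses are constructed for illustration. It shows that an allow-list needs an explicit final deny because unmatched frames are accepted, and that a broad earlier rule hides a narrower later one.

```python
import ipaddress
from dataclasses import dataclass

MAX_ACES = 256  # per-switch ACE limit stated on this page

@dataclass(frozen=True)
class Ace:
    action: str  # "permit" or "deny"
    src: str     # source IPv4 network in CIDR form (assumed match field)

    def matches(self, src_ip: str) -> bool:
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)

def evaluate(acl, src_ip):
    """Return (action, index of matching ACE); first match wins."""
    if len(acl) > MAX_ACES:
        raise ValueError("more than 256 ACEs")
    for index, ace in enumerate(acl):
        if ace.matches(src_ip):
            return ace.action, index
    return "permit", None  # no rule matched: the frame is accepted

def shadowed(acl):
    """Indices of ACEs that never fire: an earlier ACE covers their range."""
    hidden = []
    for i, ace in enumerate(acl):
        net = ipaddress.ip_network(ace.src)
        if any(net.subnet_of(ipaddress.ip_network(p.src)) for p in acl[:i]):
            hidden.append(i)
    return hidden

# Constructed sample: intended as "only the 10.0.10.0/24 subnet may enter".
ALLOW_ONLY = [Ace("permit", "10.0.10.0/24")]
# Same intent with the explicit final deny that default-accept requires.
ALLOW_ONLY_FIXED = ALLOW_ONLY + [Ace("deny", "0.0.0.0/0")]
# Constructed sample: the broad permit listed first hides the narrower deny.
MISORDERED = [Ace("permit", "10.0.0.0/8"), Ace("deny", "10.0.99.0/24")]

if __name__ == "__main__":
    for name, acl in [("ALLOW_ONLY", ALLOW_ONLY), ("ALLOW_ONLY_FIXED", ALLOW_ONLY_FIXED)]:
        print(name, evaluate(acl, "192.168.1.5"))
    print("MISORDERED", evaluate(MISORDERED, "10.0.99.4"), "shadowed:", shadowed(MISORDERED))
```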
Web Interface
To configure Access Control List in the Web interface:
1. Click Configuration, ACL, then Configuration.
2. Click the button to add a new ACL, or use the other ACL modification buttons to specify the editing action (i.e., edit, delete, or move the relative position of an entry in the list).
3. Specify the parameters of the ACE.
4. Click the Save button to save the setting.
5. To cancel a setting, click the Reset button. It will revert to previously saved values.
6. When editing an entry on the Access Control Entry (ACE) Configuration page, note that the items displayed depend on various selections, such as Frame Type and IP Protocol Type. Then specify the relevant criteria to be matched for this rule, and set the actions to take when a rule is matched (such as Rate Limiter, Port Copy, Logging, and Shutdown).
Figure 3-10. The ACL Rate Limiter Configuration screen.
LGB1108A | Page 53