Configurable Data

Rule - Enter a whole number in the range of (1 to 8) that will be used to identify the rule.

Action - Specify what action should be taken if a packet matches the rule's criteria. The choices are permit or deny.

Assign Queue ID - Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Valid range of Queue Ids is (0 to 6).

Redirect Interface - Specifies the specific egress interface where the matching traffic stream is forced, bypassing any forwarding decision normally performed by the device.

CoS - Specifies the 802.1p user priority to compare against an Ethernet frame. Valid range of values is (0 to 7).

Destination MAC - Specifies the destination MAC address to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC address of 01:80:C2:xx:xx:xx.

Ethertype Key - Specifies the Ethertype value to compare against an Ethernet frame. Valid values are

ƒAppletalk

ƒARP

ƒIBM SNA

ƒIPv4

ƒIPv6

ƒIPX

ƒMPLS multicast

ƒMPLS unicast

ƒNetBIOS

ƒNovell

ƒPPPoE

ƒReverse ARP

ƒUser Value

Ethertype User Value - Specifies the user defined customised Ethertype value to be used when the user has selected "User Value" as Ethertype Key, to compare against an Ethernet frame. Valid range of values is (0x0600 to 0xFFFF).

Source MAC - Specifies the Source MAC address to compare against an Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx).

VLAN - Specifies the VLAN ID to compare against an Ethernet frame. Valid range of values is (1 to 3965). Either VLAN Range or VLAN can be configured.

Match Every - Specifies an indication to match every Layer 2 MAC packet.

Valid values are

ƒTrue - Signifies that every packet is considered to match the selected ACL Rule.

ƒFalse - Signifies that it is not mandatory for every packet to match the selected ACL Rule.

597

Page 597
Image 597
Fortinet MR1 manual ƒ Appletalk, ƒ IPv4 ƒ IPv6