Defining IP Based Access Control Lists | Intel AXXSW1GB manual

Defining IP Based Access Control Lists

Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Packets entering an ingress port, with an active ACL, are either admitted or denied entry. If they are denied entry, the user can disable the port.

ACLs are composed of access control entries (ACEs) which are rules that are made of the filters that determine traffic classifications.

When configuring ACLs consider the following:

•The maximum number of ACEs/rules per a single ACL are 1018.

•The maximum number of ACEs/rules in all ACLs are 1021.

•The maximum number of ACLs applied to a single interface are 256.

The IP Based ACL Page contains information for defining IP Based ACLs and rules.

To define IP Based ACLs:

1.Click Network Security > Access Control List > IP Based ACL. The IP Based ACL Page opens:

Figure 17. IP Based ACL Page

The IP Based ACL Page contains the following fields:

•ACL Name — Displays the user-defined IP based ACLs.

•Delete — Deletes the IP based ACLs. The possible field values are:

—Checked — Deletes the selected IP based ACL.

—Unchecked — Maintains the IP based ACLs.

•Priority — Indicates the Rule priority that determines which rule is matched to a packet based on a first-match basis. The possible field value is 1-2147483647.

22	Intel® Gigabit Ethernet Switch AXXSW1GB User Guide

Image 35

Intel AXXSW1GB manual Defining IP Based Access Control Lists

Contents

Guide for System Administrators of Intel Server Products Intel Gigabit Ethernet Switch AXXSW1GB User Guide Disclaimer Safety Information Intel Gigabit Ethernet Switch AXXSW1GB User Guide User Guide Overview Preface Intended Audience Table of Contents 166 Additional Information and Software List of Tables Intel Gigabit Ethernet Switch AXXSW1GB User Guide Embedded Web Interface Home List of Figures Vlan Subnet-based Groups Policy Table 124 Getting Started Embedded Web Interface Home Starting the Embedded Web Interface Interface Components Understanding the Embedded Web Interface Device Representation Device Representation Button Button Name Description Using the Embedded Web Interface Management Buttons Adding Configuration Information Using Screen and Table Options Deleting Configuration Information Modifying Configuration Information Click . The Embedded Web Interface Home Page closes Resetting the DeviceLogging Off the Device Viewing System Information Managing Device Information Resetting the Device Configuring Traffic Control Configuring Device Security Storm Control Click . The Storm Control Settings Page opens Managing Port Security Intel Gigabit Ethernet Switch AXXSW1GB User Guide Edit Port Security Settings Click . The Edit Port Security Settings Page opens Defining Access Control Lists Defining MAC Based Access Control Lists Intel Gigabit Ethernet Switch AXXSW1GB User Guide Add MAC Based ACL and First Rule Click . The Add MAC Based ACL and First Rule Page opens Edit Rule Defining IP Based Access Control Lists Intel Gigabit Ethernet Switch AXXSW1GB User Guide Intel Gigabit Ethernet Switch AXXSW1GB User Guide Add IP Based ACL and First Rule Click . The Add IP Based ACL and First Rule Page opens Add IP Based Rule To modify an IP based Rule Binding Device Security ACLs Edit ACL Binding Click . The Edit ACL Binding Page opens Intel Gigabit Ethernet Switch AXXSW1GB User Guide Port Configuration Configuring Ports Auto Use to automatically detect the cable type Port Configuration Settings Click . The Port Configuration Settings Page opens Intel Gigabit Ethernet Switch AXXSW1GB User Guide Aggregating Ports LAG Configuration Configuring LAGs LAG Configuration Settings Click . The LAG Configuration Settings Page opens Intel Gigabit Ethernet Switch AXXSW1GB User Guide Intel Gigabit Ethernet Switch AXXSW1GB User Guide LAG Membership Defining LAG Members LAG Membership Settings Click . The LAG Membership Settings Page opens Lacp Parameters Configuring Lacp Lacp Parameters Settings Click . The Lacp Parameters Settings Page opens Configuring Virtual Trunk Group Failover Trunk Group Fail Over Edit Fail Over Group Click . The Edit Fail Over Group Page opens Configuring VLANs Vlan Properties Defining Vlan Properties Add Vlan Vlan Membership Defining Vlan Membership Intel Gigabit Ethernet Switch AXXSW1GB User Guide Edit Vlan Membership Click . The Edit Vlan Membership Page opens Interface Settings Defining Vlan Interface Settings Intel Gigabit Ethernet Switch AXXSW1GB User Guide Vlan Interface Settings Click . The Interface Settings Page opens Defining Vlan Groups Click . The Add Vlan MAC-based Groups Page opens Defining Vlan MAC Based Groups Add Vlan MAC-based Groups Click . The MAC Groups Settings Page opens Click . The Add Vlan Subnet-based Groups Page opens Defining Vlan Subnet Based Groups Add Vlan Subnet-based Groups Click . The Subnet-based Group Settings opens Click . The Add Protocol-based Groups Page opens Defining Vlan Protocol Based Groups IP IP Internet Protocol IP IPX Internet Packet Exchange IPX Add Protocol-based Groups Protocol-based Groups Settings Click . The Protocol-based Groups Settings Page opens Mapping Groups to Vlan Mapping Groups to VLANs Mapping Groups to Vlan Settings Defining Garp Configuring Garp Garp Parameters Settings Click . The Garp Parameters Settings Page opens Gvrp Parameters Defining Gvrp Gvrp Parameters Settings Click . The Gvrp Parameters Settings Page opens Intel Gigabit Ethernet Switch AXXSW1GB User Guide Defining Forwarding Database Static Addresses Defining Static Forwarding Database Entries Add Static MAC Address Click . The Add Static MAC Address Page opens Dynamic Addresses Defining Dynamic Forwarding Database Entries Select an Address Table Sort Key Intel Gigabit Ethernet Switch AXXSW1GB User Guide Configuring Multicast Forwarding Igmp Snooping Defining Igmp Snooping Igmp Snooping Settings Multicast Group Defining Multicast Groups Add Multicast Group Click . The Add Multicast Group Page opens Edit Multicast Group Edit Multicast Group Page opens Forbidden Excluded from Igmp Learned Port List Defining Multicast Forward All Settings Edit Multicast Forward All Click . The Multicast Forward All Page opens Configuring Spanning Tree Defining Spanning Tree Global Settings Bridge Settings Intel Gigabit Ethernet Switch AXXSW1GB User Guide Spanning Tree Interface Settings Defining Spanning Tree Interface Settings Intel Gigabit Ethernet Switch AXXSW1GB User Guide Intel Gigabit Ethernet Switch AXXSW1GB User Guide Click . The Spanning Tree Interface Settings Page opens Rapid STP Defining Rapid STP Intel Gigabit Ethernet Switch AXXSW1GB User Guide Rapid Spanning Tree Settings Click . The Rapid Spanning Tree Settings Page opens Multiple STP Properties Defining Multiple STP Instance To Vlan Settings Defining Multiple STP Instance To Vlan Settings Instance Settings Defining Multiple STP Instance Settings Instance Settings Page is defined, and the device is Defining Multiple STP Interface Settings Intel Gigabit Ethernet Switch AXXSW1GB User Guide 101 Interface Table Configuring Quality of Service VPT Classification Information Quality of Service Overview Defining General QoS Settings Click QoS General CoS. The CoS Global Settings Page opens Configuring CoS General Parameters Click . The Modify Port Priority Page opens Restoring Factory Default QoS Interface Settings Click QoS General Queue. The Queue Page opens Defining Queues Intel Gigabit Ethernet Switch AXXSW1GB User Guide 109 Bandwidth Settings Configure Bandwidth Settings Modify Bandwidth Settings Click . The Modify Bandwidth Settings Page opens Click QoS General CoS to Queue. The CoS to Queue Page opens Configuring QoS Mapping Dscp to Queue Mapping Dscp Values to Queues Configuring Basic General Parameters Configuring Basic QoS Settings QoS General Settings are configure, and the device is QoS Dscp Rewrite Configuring Dscp Rewrite Defining Policy Properties Configuring Advanced QoS Settings Mapping Dscp Values Creating Class Maps Add QoS Class Map Click . The Add QoS Class Map Page opens Aggregating Policiers Click . The Edit QoS Aggregate Policer Page opens Click . The Add Aggregated Policier Page opens Defining Policies Defining Policy Profiles Policy Table 125 Edit QoS Policy Profile Click . The Edit QoS Policy Profile Page opens Attaching Policies to Interfaces Click . The Add Qos Policy Binding Page opens Click . The Qos Policy Binding Settings Page opens System Log Severity Levels Managing System Logs System Logs Properties Enabling System Logs Intel Gigabit Ethernet Switch AXXSW1GB User Guide 131 Click System Logs Flash. The System Flash Logs Page opens Viewing the Flash Logs Clearing Flash Logs Viewing the Device Memory Logs Clearing Device Memory Logs Managing Device Diagnostics Port Mirroring Configuring Port Mirroring Intel Gigabit Ethernet Switch AXXSW1GB User Guide 137 Ethernet Ports Ethernet Ports Diagnostics Cable Extended Feature Copper Cable Extended Feature 140 CPU Utilization Viewing the CPU Utilization 142 Viewing Interface Statistics Viewing StatisticsViewing Statistics Interface Statistics Viewing Device Interface Statistics Open the Interface Statistics Resetting Interface Statistics Counters Etherlike Statistics Viewing Etherlike Statistics Open the Etherlike Statistics Resetting Etherlike Statistics Counters Gvrp Statistics Viewing Gvrp Statistics Open the Gvrp Statistics Resetting Gvrp Statistics Counters Viewing Rmon Statistics Managing Rmon Statistics Intel Gigabit Ethernet Switch AXXSW1GB User Guide 151 Open the Rmon Statistics Resetting Rmon Statistics Counters Configuring Rmon History Page Add History Entry Settings Click . The Add History Entry Settings Page opens Rmon History Control Settings Click . The Rmon History Control Settings Page opens Viewing the Rmon History Table 158 Configuring Rmon Events 160 Viewing the Rmon Events Logs Page Add Alarm Entry Click . The Add Alarm Entry Page opens Rmon Alarms Definition Intel Gigabit Ethernet Switch AXXSW1GB User Guide 165 Symptoms / Problems Possible Causes Solutions Troubleshooting Switch web browser cannot Web browser settings are English Installation/Assembly Safety Instructions 169 Deutsch Intel Gigabit Ethernet Switch AXXSW1GB User Guide 170 171 Intel Gigabit Ethernet Switch AXXSW1GB User Guide 172 Français Intel Gigabit Ethernet Switch AXXSW1GB User Guide 174 Español Intel Gigabit Ethernet Switch AXXSW1GB User Guide 176 Italiano Intel Gigabit Ethernet Switch AXXSW1GB User Guide 178 179 Safety Warnings and Cautions Safety InformationServer Safety Information Equipment Handling Practices Power and Electrical WarningsIntended Application Uses Site Selection Power Cord Warnings System Access Warnings Electrostatic Discharge ESD Rack Mount Warnings Other Hazards Battery Replacement Sicherheitshinweise und Vorsichtsmaßnahmen Sicherheitshinweise für den Server Handhabung von Geräten Zielbenutzer der AnwendungStandortauswahl Hinweis für Netzkabel Warnungen zu Netzspannung und Elektrizität Warnhinweise für den Systemzugang Elektrostatische Entladungen ESD Warnhinweise für Racks Batterieaustausch Andere Gefahren Sécurité avertissements et mises en garde Consignes de sécurité sur le serveur Pratiques de manipulation de l’équipement Sélection d’un emplacementDomaines d’utilisation prévus Avertissements sur le cordon d’alimentation Alimentation et avertissements en matière d’électricité Avertissements sur l’accès au système Décharges électrostatiques ESD Avertissements sur le montage en rack Autres risques Remplacement de la pile Advertencias y precauciones sobre seguridad Información de seguridad del servidor Manipulación del equipo Aplicaciones y usos previstosSelección de la ubicación Advertencias sobre el cable de alimentación Advertencias de alimentación y eléctricas Advertencias el acceso al sistema Descarga electrostática ESD Advertencias sobre el montaje en rack Sustitución de la batería 简体中文服务器安全信息设备操作规范系统使用警告机架固定件警告其他危险