6.5.2 Configuring an ACL
Configure an ACL to enforce privilege separation and determine appropriate switch access permissions for groups and users.
To configure an ACL:
1.Select Security > ACLs from the main tree menu.
2.Click the Configuration tab.
3.The Configuration tab consists of the following two fields:
•ACLs - existing access lists
•Associated Rules - allow/deny rules
The ACLs field displays the list of ACLs currently associated with the switch. An ACL contains an ordered list of ACEs. Each ACE specifies a permit or deny designation and a set of conditions the packet must satisfy in order to match the ACE. Because the switch stops testing conditions after the first match, the order of conditions in the list is critical.
4.If an existing ACL no longer satisfies switch access control requirements, select it from amongst the existing ACLs and click the Delete button.
5.Use the Add button (within the ACLs field) to add an additional ACL. For more information, see Adding a New ACL on page
6.Refer to the Associated Rules field to assess the rules and precedence associated with each ACL. If necessary, rules and can be added or existing rules modified. For more information, see Adding a New ACL Rule on page
6.5.2.1Adding a New ACL
When a packet is received by the switch, the switch compares the packet against the ACL to verify t the packet has the required permissions to be forwarded. Often, ACLs need to be added as client permissions change during switch operation.