NETGEAR 7000 Series Managed Switch Administration Guide Version 7.2

Create ACL 101. Define the first rule: the ACL will permit packets with a match on the specified source IP address (after the mask has been applied), that are carrying TCP traffic, and that are sent to the specified destination IP address.

(Netgear Switch) #config

(Netgear Switch) (Config)#access-list 101 permit tcp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255

Define the second rule for ACL 101. This rule sets similar conditions for UDP traffic as the first rule sets for TCP traffic.

(Netgear Switch) (Config)#access-list 101 permit udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255

Apply the rule to inbound traffic on port 1/0/2. Only traffic matching the criteria will be accepted.

(Netgear Switch) (Config)#interface 1/0/2

(Netgear Switch) (Interface 1/0/2)#ip access-group 101 in

(Netgear Switch) (Interface 1/0/2)#exit

(Netgear Switch) (Config)#exit
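
The matching behavior of ACL 101, as an added Python example that is not part of the NETGEAR guide: it parses the two rules entered above, applies the wildcard masks (a 0 bit must match, a 1 bit is ignored), and returns the first matching rule or the deny that applies when nothing matches. The function names and sample packets are constructed for illustration; port and TCP-flag matching are not modeled.

```python
import ipaddress

# The two rules of ACL 101 exactly as entered in the steps above.
ACL_101 = """\
access-list 101 permit tcp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
access-list 101 permit udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
"""

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_acl(text):
    """Parse 'access-list <id> <action> <proto> <src> <wild> <dst> <wild>' lines."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] != "access-list":
            raise ValueError(f"unsupported rule syntax: {line!r}")
        rules.append({"action": f[2], "proto": f[3],
                      "src": to_int(f[4]), "src_wild": to_int(f[5]),
                      "dst": to_int(f[6]), "dst_wild": to_int(f[7])})
    return rules

def wild_match(addr, base, wild):
    # Wildcard masks are inverted netmasks: compare only the bits set to 0.
    care = ~wild & 0xFFFFFFFF
    return (to_int(addr) & care) == (base & care)

def evaluate(rules, proto, src, dst):
    """First matching rule wins; no match means the packet is denied."""
    for number, r in enumerate(rules, 1):
        if (r["proto"] == proto
                and wild_match(src, r["src"], r["src_wild"])
                and wild_match(dst, r["dst"], r["dst_wild"])):
            return r["action"], number
    return "deny", None

# Constructed sample packets (protocol, source, destination).
SAMPLES = [
    ("tcp", "192.168.77.10", "192.178.77.5"),
    ("udp", "192.168.77.200", "192.178.77.1"),
    ("tcp", "192.168.77.10", "192.168.77.5"),   # dst is 192.168.77.x, rule names 192.178.77.x
    ("tcp", "192.168.78.10", "192.178.77.5"),   # src outside 192.168.77.0 0.0.0.255
    ("icmp", "192.168.77.10", "192.178.77.5"),  # protocol not covered by either rule
]

if __name__ == "__main__":
    acl = parse_acl(ACL_101)
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(acl, *pkt))
```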

Example #2: Configure a One-Way Access Using a TCP Flag in an ACL

This example shows how to set up one-way web access using a TCP flag in an ACL. PC1 can access FTP server1 and FTP server2, but PC2 can access only FTP server2.

Figure 9-2


Access Control Lists (ACLs)

v1.0, May 2008
