NETGEAR 7000 Series manual Create an ACL that permits all the IP packets

NETGEAR 7000 Series Managed Switch Administration Guide Version 7.2

Create VLAN 200 with port 0/44 and assign IP address 192.168.200.1/24. (Netgear Switch) #vlan database

(Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#vlan routing 200 (Netgear Switch) (Vlan)#exit

(Netgear Switch) #configure

(Netgear Switch) (Config)#interface 0/44 (Netgear Switch) (Interface 0/44)#vlan pvid 200

(Netgear Switch) (Interface 0/44)#vlan participation include 200 (Netgear Switch) (Interface 0/44)#exit

(Netgear Switch) (Config)#interface vlan 200 (Netgear Switch) (Interface-vlan 200)#routing

(Netgear Switch) (Interface-vlan 200)#ip address 192.168.200.1 255.255.255.0 (Netgear Switch) (Interface-vlan 200)#exit

Add two static routes so that the switch forwards the packets for which the destinations are 192.168.40.0/24 and 192.168.50.0/24 to the correct next hops. (Netgear Switch) (Config)#ip routing

(Netgear Switch) (Config)#ip route 192.168.40.0 255.255.255.0 192.168.200.2 (Netgear Switch) (Config)#ip route 192.168.50.0 255.255.255.0 192.168.200.2

Create an ACL that denies all the packets with TCP flags +syn-ack. (Netgear Switch) (Config)#access-list 101 deny tcp any any flag +syn -ack

Create an ACL that permits all the IP packets.

(Netgear Switch) (Config)#access-list 102 permit ip any any

Apply the ACL 101 and 102 to the port 0/44; the sequence of 101 is 1 and of 102 is 2.

(Netgear Switch) (Config)#interface 0/44

(Netgear Switch) (Interface 0/44)#ip access-group 101 in 1 (Netgear Switch) (Interface 0/44)#ip access-group 102 in 2 (Netgear Switch) (Interface 0/44)#exit

v1.0, May 2008