GS716Tv2 and GS724Tv3 Software Administration Manual
To use the ACL Wizard:
1.Determine the type of ACL to configure and create a MAC ACL, standard IP ACL, or extended IP ACL.
•To permit or deny traffic based on the Source MAC Address, create a MAC ACL.
•To permit or deny traffic based on the Destination MAC Address, create a MAC ACL.
•To permit or deny traffic based on the Source IP Address, create a Standard ACL.
•To permit or deny traffic based on the Destination IP Address, create an Extended ACL.
•To permit or deny traffic based on the TCP or UDP Source Port ID, create an Extended ACL.
•To permit or deny traffic based on the TCP or UDP Destination Port ID, create an Extended ACL.
2.Click the Permit or Deny link associated with the access criteria on the ACL Wizard page.
The switch redirects you to a page that contains the fields to configure the ACL rule, and several of the fields are preconfigured. For example, if you select the Permit link associated with the Select Devices Based on Source IP Address option, the Source IP Address Rules page displays, and the only information you must provide is the source IP address and source mask.
3.Configure the desired rule.
4.Click Apply to save the rule.
MAC ACL
A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match.
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
184 Chapter 5: Managing Device Security
