GS752TP, GS728TP, and GS728TPP Gigabit Smart Switches

departments. Traffic from the Finance department is identified by each packet’s network IP address.

1.In the IP ACL screen, create an IP ACL with an IP ACL ID of 1. For more information, see IP ACL on page 195.

2.In the IP Rules screen, create a rule for IP ACL 1 with the following settings:

Rule ID. 1

Action. Deny

Match Every. False

Source IP Address. 192.168.187.0

Source IP Mask. 255.255.255.0

For more information about IP ACL rules, see IP Rules on page 197.

3.Click Add.

4.In the IP Rules screen, create a second rule for IP ACL 1 with the following settings:

Rule ID. 2

Action. Permit

Match Every. True

5.Click Add.

6.In the IP Binding Configuration screen, assign ACL ID 1 to the Ethernet ports 2, 3, and 4, and assign a sequence number of 1.

For more information, see IP Binding Configuration on page 204.

By default, this IP ACL is bound on the inbound direction, so it examines traffic as it enters the switch.

7.Click APPLY.

8.Use the IP Binding Table screen to view the interfaces and IP ACL binding information. For more information, see IP Binding Table on page 206.

The IP ACL in this example matches all packets with the source IP address and subnet mask of the Finance department network and denies it on the Ethernet interfaces 2, 3, and 4 of the switch. The second rule permits all non-Finance traffic on the ports. The second rule is required because there is an explicit deny all rule as the lowest priority rule.

258

Page 258
Image 258
NETGEAR GS752TP, GS728TPP manual Rule ID Action. Deny Match Every. False Source IP Address, Match Every. True