TP-Link TL-SG5412F, TL-SG5428

 Configuration Procedure

Step Operation Description

1 Create VLANs On VLAN→802.1Q VLAN page, create VLAN 6, specify its description

as RD, configure port 16 and port 2 as the members of VLAN 6.

Connect RD department to port 16 of TL-SG5428/TL-SG5412F, and

configure the link type of port 16 as GENERAL and its PVID as 6. The

IP range of VLAN 6 is 172.31.70.0.

On VLAN→802.1Q VLAN page, create VLAN 8, specify its description

as Marketing, configure port 18 and port 2 as the members of VLAN 8.

Connect RD department to port 18 of TL-SG5428/TL-SG5412F, and

configure the link type of port 18 as GENERAL and its PVID as 8. The

IP range of VLAN 8 is 172.31.50.0.

2 Configure

Time-range

On ACL→Time-Range page, create a time-range named work_time.

Select Week mode and configure the week time from Monday to Friday.

Add a time-slice 08:00~18:00.

3 Configure for

requirement 1

On ACL→ACL Config→ACL Create page, create ACL 11.

On ACL→ACL Config→MAC ACL page, select ACL 11, create Rule 1,

configure the operation as Permit, configure the S-MAC as

00-65-A5-5D-12-C3 and mask as FF-FF-FF-FF-FF-FF, and configure

the time-range as No Limit.

On ACL→ACL Config→Policy Create page, create a policy named

manager.

On ACL→Policy Config→Policy Create page, add ACL 11 to Policy

manager.

On ACL→Policy Binding→Port Binding page, select Policy manager

to bind to port 16.

4 Configure for

requirement 2

and 3

On ACL→ACL Config→ACL Create page, create ACL 100.

On ACL→ACL Config→Standard-IP ACL page, select ACL 100,

create Rule 1, configure operation as Deny, configure S-IP as

172.31.70.1 and mask as 255.255.255.0, configure D-IP as

172.31.50.1 and mask as 255.255.255.0, configure the time-range as

No Limit.

On ACL→ACL Config→Standard-IP ACL page, select ACL 100,

create Rule 2, configure operation as Deny, configure S-IP as

172.31.70.1 and mask as 255.255.255.0, configure D-IP as

172.31.88.5 and mask as 255.255.255.255, configure the time-range

as No Limit.

On ACL→ACL Config→Standard-IP ACL page, select ACL 100,

create Rule 3, configure operation as Permit, configure S-IP as

172.31.70.1 and mask as 255.255.255.0, configure D-IP as

172.31.88.5 and mask as 255.255.255.0, configure the time-range as

work_time.

On ACL→Policy Config→Action Create page, add ACL 100 to Policy

limit1.

On ACL→Policy Binding→Port Binding page, select Policy limit1 to

bind to port 16.

143