Filter
Top Products
Viewing and Configuring ACLs 221
You can choose to count the number of times an ACE is matched. This
hit count is useful for troubleshooting complex ACL configurations and
for monitoring traffic load for specific network applications or protocols.
The hit count can only be seen from the CLI. To start updating hit counter
statistics in the CLI, you must first set the hits sampling rate to a nonzero
value, such as 15 seconds. For more information about security ACLs, see
the Wireless LAN Switch and Controller Configuration Guide.
You cannot perform ACL functions that include permitting, denying, or
marking with a Class of Service (CoS) level on packets with a multicast or
broadcast destination address.
Viewing ACLs To view ACLs:
1 Select the Configuration tool bar option.
2 In the Organizer panel, click the plus sign next to the WX switch.
3 Click the plus sign next to System.
4 Select ACLs.
The configured ACLs and their mappings appear in the Content panel.
Creating an ACL The Create ACL wizard enables you to configure ACEs with the following
parameters:
Match criteria:
Source IP address
Destination IP address
Protocol
Source protocol port
Destination protocol port
Differentiated Services Code Point (DSCP) value or Type Of Service
(TOS) and IP precedence values
Action: deny or permit
Marking: Class of Service (CoS) value
These parameters are sufficient for most ACEs. To configure additional
parameters, use the wizard to configure the basic parameters, then select
the ACE and click Properties. (See “Configuring Advanced ACL
Settings” on page 226.)