NETGEAR GS728TP100NAS Switch User Manual


 
Managing Device Security
436
ProSafe M5300 Switch
Note: There is an implicit “deny all” rule at the end of an ACL list. This
means that if an ACL is applied to a packet and if none of the explicit
rules match, then the final implicit “deny all” rule applies and the
packet is dropped.
To use the ACL Wizard to configure an ACL:
1. Use ACL Type to specifies the ACL type you are using to create the ACL. You can
select one type from 10 optional types:
ACL Based on Destination MAC - To create a ACL based on the destination MAC
address, destination MAC mask and VLAN.
ACL Based on Source MAC - To create a ACL based on the source MAC address,
source MAC mask and VLAN.
ACL Based on Destination IPv4 - To create a ACL based on the destination IPv4
address and IPv4 address mask.
ACL Based on Source IPv4 - To create a ACL based on the source IPv4 address
and IPv4 address mask.
ACL Based on Destination IPv6 - To create a ACL based on the destination IPv6
prefix and IPv6 prefix length.
ACL Based on Source IPv6 - To create a ACL based on the source IPv6 prefix and
IPv6 prefix length.
ACL Based on Destination IPv4 L4 Port - To create a ACL based on the destination
IPv4 layer4 port number.
ACL Based on Source IPv4 L4 Port - To create a ACL based on the source IPv4
layer4 port number.
ACL Based on Destination IPv6 L4 Port - To create a ACL based on the destination
IPv6 layer4 port number.
ACL Based on Source IPv6 L4 Port - To create a ACL based on the source IPv6
layer4 port number.
2. Use Rule ID to enter a whole number in the range of 1 to 1023 that will be used to identify
the rule.
3. Use Action to specify what action should be taken if a packet matches the rule's criteria.
The choices are permit or deny.
4. Use Destination MAC to specify the destination MAC address to compare against an
Ethernet frame. Valid format is (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified
using a Destination MAC address of 01:80:C2:xx:xx:xx.
5. Use Destination MAC Mask to specify the destination MAC address mask specifying which
bits in the destination MAC to compare against an Ethernet frame. Valid format is
(xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC mask of
00:00:00:ff:ff:ff.
6. Click ADD to add a new rule to the ACL based on destination MAC.