Chapter 20: Access Control Lists (ACL)
232
Overview
Access Control Lists (ACLs) act as filters to control the ingress packets on
ports. They are commonly used to restrict the types of packets that ports
accept to increase port security and create physical links dedicated to
carrying specific types of traffic. For instance, you can configure ACLs to
permit ports to accept only ingress packets that have a specific source IP
address or destination IP address.
You create an ACL first and then assign it to a port. ACLs take effect
immediately when they are assigned to ports. To create an ACL, you
assign filtering criteria to select a type of traffic, assign an action of
dropping the traffic, forwarding the traffic to another port, or copying and
mirroring the traffic to another port. The port filters the ingress traffic and
takes an action based on the ACL that is assigned to the port.
Using the AT-8100 web interface, you can configure two types of ACLs:
IPv4 ACLs
MAC ACLs
IPv4 ACLs use IPv4 addresses as filtering criteria while MAC ACLs use
only MAC addresses as filtering criteria. For IPv4 ACLs, you can specify
TCP or UDP port numbers to filter the traffic. In addition, IPv4 ACLs are
only compatible with IPv4 addresses. They are not compatible with IPv6
addresses.
Classifier
Number Ranges
IPv4 and MAC ACLs are identified by classifier numbers. When you create
an ACL, you must choose the correct classifier number based on which
ACL you want to create. See the IPv4 and MAC ACL classifier number
ranges displayed in Table 9.
Filtering Criteria
ACLs identify packets using filtering criteria. The AT-8100 web interface
offers five criteria:
Source and destination IPv4 addresses
Source and destination MAC addresses
Source and destination TCP ports
Table 9. ACL Classifier Number Ranges
Type of ACL
Classifier Number Range
IPv4 ACLs
3000 - 3699
MAC ACLs
4000 - 4699
Summary of Contents for AT-8100L/8POE
Page 4: ......
Page 10: ...Contents 10...
Page 14: ...Figures 14...
Page 22: ...Chapter 1 AT 8100 Series Version 2 2 5 0 Web Browser Interface 22...
Page 84: ...Chapter 5 Setting Port Statistics 84...
Page 92: ...Chapter 6 Port Mirroring 92...
Page 100: ...Chapter 7 Spanning Tree Protocol on a Port 100...
Page 120: ...Chapter 9 Link Aggregation Control Protocol LACP 120...
Page 130: ...Chapter 10 Setting Static Port Trunks 130...
Page 148: ...Chapter 12 Spanning Tree Protocols on the Switch 148...
Page 158: ...Chapter 13 Internet Group Management Protocol IGMP Snooping 158...
Page 168: ...Chapter 14 IGMP Snooping Querier 168...
Page 178: ...Chapter 15 Power Over Ethernet PoE 178...
Page 230: ...Chapter 19 Setting IPv4 and IPv6 Addresses 230...
Page 242: ...Chapter 20 Access Control Lists ACL 242...
Page 246: ...Chapter 21 Setting Static Routes 246 8 Click Apply 9 Click SAVE...
Page 250: ...Chapter 21 Setting Static Routes 250...
Page 319: ...AT 8100 Series Version 2 2 5 0 Web Interface User s Guide 319 Model Name Asset ID...
Page 320: ...Chapter 25 LLDP and LLDP MED 320...