Configuring Device Security
Configuring Network Security
Page 142
Defining Access Control Lists
Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress
ports. Packets entering an ingress port, with an active ACL, are either admitted or denied entry and the ingress
port is disabled. If they are denied entry, the user can disable the port.
For example, an ACL rule is defined that states, port number 20 can receive TCP packets, however, if a UDP
packet is received, the packet is dropped. ACLs are composed of access control entries (ACEs) that are made of
the filters that determine traffic classifications. The total number of ACEs that can be defined in all ACLs together
is 1024. The following filters can be defined as ACEs:
•
Source Port IP Address and Wildcard Mask
— Filters the packets by the Source port IP address and wild-
card mask.
•
Destination Port IP Address and Wildcard Mask
— Filters the packets by the Source port IP address and
wildcard mask.
•
ACE Priority
— Filters the packets by the ACE priority.
•
Protocol
— Filters the packets by the IP protocol.
•
DSCP
— Filters the packets by the DiffServ Code Point (DSCP) value.
•
IP Precedence
— Filters the packets by the IP Precedence.
•
Action
— Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped.
In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned
rate limiting restrictions for forwarding.
This section contains the following topics:
•
Defining IP Based Access Control Lists
•
Defining IP Based Access Control Lists
•
Defining MAC Based Access Control Lists
•
Binding Device Security ACLs
Summary of Contents for DES-3252P - Web Smart Switch
Page 1: ......
Page 271: ...Appendix C Technical Support Contacting D Link Technical Support Page 271 ...
Page 272: ...Appendix C Technical Support Contacting D Link Technical Support Page 272 ...
Page 273: ...Appendix C Technical Support Contacting D Link Technical Support Page 273 ...
Page 274: ...Appendix C Technical Support Contacting D Link Technical Support Page 274 ...
Page 275: ...Appendix C Technical Support Contacting D Link Technical Support Page 275 ...
Page 276: ...Appendix C Technical Support Contacting D Link Technical Support Page 276 ...
Page 277: ...Appendix C Technical Support Contacting D Link Technical Support Page 277 ...
Page 278: ...Appendix C Technical Support Contacting D Link Technical Support Page 278 ...
Page 279: ...Appendix C Technical Support Contacting D Link Technical Support Page 279 ...
Page 280: ...Appendix C Technical Support Contacting D Link Technical Support Page 280 ...
Page 281: ...Appendix C Technical Support Contacting D Link Technical Support Page 281 ...
Page 282: ...Appendix C Technical Support Contacting D Link Technical Support Page 282 ...
Page 283: ...Appendix C Technical Support Contacting D Link Technical Support Page 283 ...
Page 284: ...Appendix C Technical Support Contacting D Link Technical Support Page 284 ...
Page 285: ...Appendix C Technical Support Contacting D Link Technical Support Page 285 ...
Page 286: ...Appendix C Technical Support Contacting D Link Technical Support Page 286 ...
Page 287: ...Appendix C Technical Support Contacting D Link Technical Support Page 287 ...
Page 288: ...Appendix C Technical Support Contacting D Link Technical Support Page 288 ...
Page 289: ...Appendix C Technical Support Contacting D Link Technical Support Page 289 ...
Page 290: ...Appendix C Technical Support Contacting D Link Technical Support Page 290 ...
Page 291: ...Appendix C Technical Support Contacting D Link Technical Support Page 291 ...
Page 292: ...Appendix C Technical Support Contacting D Link Technical Support Page 292 ...
Page 293: ...Appendix C Technical Support Contacting D Link Technical Support Page 293 ...
Page 294: ...Appendix C Technical Support Contacting D Link Technical Support Page 294 ...
Page 295: ...Appendix C Technical Support Contacting D Link Technical Support Page 295 ...
Page 296: ...Appendix C Technical Support Contacting D Link Technical Support Page 296 ...