177
2. Select an ACL, and click
Search
.
All currently-defined IP ACEs for the selected ACL are displayed.
3. Click
Add
.
4. Enter the parameters.
•
ACL Name—Displays the name of the ACL.
•
ACE Priority—Enter the priority. ACEs with higher priority are processed first.
•
Action on Match Packets—Select the action assigned to the packet matching the
ACE. The options:
o
Permit—Forward packets that meet the ACE criteria.
o
Deny—Drop packets that meet the ACE criteria.
o
Shutdown—Drop packet that meets the ACE criteria and disable the port
to which the packet was addressed. Ports are reactivated from the Port
Management page.
•
Protocol—Select to create an ACE based on a specific protocol or protocol ID.
Select Any IPv6 to accept all IP protocols. Otherwise select one of the following
protocols from the drop-down list:
o
ICMP—Internet Control Message Protocol
o
TCP—Transmission Control Protocol
o
UDP—User Datagram Protocol
•
Protocol ID—Instead of selecting the name, enter the protocol ID.
•
Source IP Address—Select Any if all source addresses are acceptable or User
Defined to enter a source address or range of source addresses.
•
Source IP Address Value—Enter the IP address to which the source MAC address
is to be matched and its mask (if relevant).
•
Source IP Prefix Length—Enter the prefix length of the source IP address.
•
Destination IP Address—Select Any if all destination addresses are acceptable or
User Defined to enter a destination address or range of destination addresses.
•
Destination IP Address Value—Enter the IP address to which the destination IP
address is to be matched.
•
Destination IP Prefix Length—Enter the prefix length of the destination IP address.
•
Source Port—Select one of the following:
o
Any—Match to all source ports.
o
Single Port—Enter a single TCP/UDP source port to which packets are
matched. This field is active only if 800/6-TCP or 800/17-UDP is selected
in the Select from List drop-down menu.
•
Destination Port—Select one of the available values that are the same as the
Source Port field described above.