![background image](http://html1.mh-extra.com/html/linksys/smart-switch-lgs3xx/smart-switch-lgs3xx_user-manual_1924717093.webp)
89
Table of Contents
Linksys
Table of Contents
Linksys
•
Shutdown—Drop packet that meets the ACE criteria and disable the
port to which the packet was addressed Ports are reactivated from
the Port Management page
•
Protocol—Select to create an ACE based on a specific protocol or protocol
ID Select Any IPv4 to accept all IP protocols Otherwise select one of the
following protocols from the drop-down list:
•
ICMP—Internet Control Message Protocol
•
IGMP—Internet Group Management Protocol
•
IP in IP—IP in IP encapsulation
•
TCP—Transmission Control Protocol
•
UDP—User Datagram Protocol
•
Protocol ID —Instead of selecting the name, enter the protocol ID
•
Source IP Address—Select Any if all source address are acceptable or User
Defined to enter a source address or range of source addresses
•
Source IP Address Value—Enter the IP address to which the source MAC
address is to be matched and its mask (if relevant)
•
Source IP Wildcard Mask—Enter the mask to define a range of IP
addresses Setting a bit as 1 indicates don’t care and 0 indicates to mask
that value
NOTE:
Given a mask of 0000 0000 0000 0000 0000 0000 1111 1111 (which means
that you match on the bits where there is 0 and don’t match on the bits
where there are 1’s) You need to translate the 1’s to a decimal integer and
you write 0 for each four zeros In this example since 1111 1111 = 255, the
mask would be written: as 0 0 0 255
•
Destination IP Address—Select Any if all destination address are
acceptable or User Defined to enter a destination address or range of
destination addresses
•
Destination IP Address Value—Enter the IP address to which the
destination IP address is to be matched
•
Destination IP Wildcard Mask—Enter the mask to define a range of
IP addresses
•
Source Port—Select one of the following:
•
Any—Match to all source ports
•
Single Port—Enter a single TCP/UDP source port to which packets
are matched This field is active only if 800/6-TCP or 800/17-UDP is
selected in the Select from List drop-down menu
•
Destination Port—Select one of the available values that are the same as
the Source Port field described above
NOTE:
You must specify the IP protocol for the ACE before you can enter the source
and/or destination port
•
Type of Service—The service type of the IP packet
•
Any—Any service type
•
DSCP to Match—Differentiated Serves Code Point (DSCP) to match
•
IP Precedence to match—IP precedence is a model of TOS (type of
service) that the network uses to help provide the appropriate QoS
commitments This model uses the 3 most significant bits of the service
type byte in the IP header, as described in RFC 791 and RFC 1349
STEP 5 Click Apply The IPv4-Based ACE is saved to the Running
Configuration file
IPv6-Based ACL
To define an IPv6-Based ACL:
STEP 1 Click Configuration > Access Control List > IPv6 Based ACL
This page contains all currently defined IPv6-Based ACLs
STEP 2 Click Add
STEP 3 Enter the name of the new ACL in the ACL Name field The names are
case-sensitive
STEP 4 Click Apply The IPv6-Based ACL is saved to the Running
Configuration file
IPv6-Based ACE
To add rules (ACEs) to an IPv6-Based ACL:
STEP 1 Click Configuration > Access Control List > IPv6-Based ACE
STEP 2 Select an ACL, and click Search All currently-defined IP ACEs for the
selected ACL are displayed