279
EKI-9500 Series User Manual
To add a new ACL:
Click
QoS
>
Access Control Lists
>
Summary
>
Add
.
Figure 4.309 QoS > Access Control Lists > Summary > Add
The following table describes the items in the previous figure.
4.7.1.2
Configuration
Use the Access Control List Configuration page to configure rules for the existing
Access Control Lists (ACLs) on the system and to view summary information about
the rules that have been added to an ACL. Each ACL rule is configured to match one
or more aspects of traffic on the network. When a packet matches the conditions in a
rule, it is handled according to the configured action (permit or deny) and attributes.
Each ACL can have multiple rules, but the final rule for every ACL is an implicit deny
all rule. For each rule, a packet must match all the specified criteria in order for the
specified rule action (Permit/Deny) to take place.
Item
Description
ACL Type
The type of ACL. The ACL type determines the criteria that can be
used to match packets. The type also determines which attributes can
be applied to matching traffic. IPv4 ACLs classify Layer 3 and Layer 4
IPv4 traffic, IPv6 ACLs classify Layer 3 and Layer 4 IPv6 traffic, and
MAC ACLs classify Layer 2 traffic. The ACL types are as follows:
IPv4 Standard: Match criteria is based on the source address of
IPv4 packets.
IPv4 Extended: Match criteria can be based on the source and
destination addresses, source and destination Layer 4 ports, and
protocol type of IPv4 packets.
IPv4 Named: Match criteria is the same as IPv4 Extended ACLs,
but the ACL ID can be an alphanumeric name instead of a num-
ber.
IPv6 Named: Match criteria can be based on information includ-
ing the source and destination IPv6 addresses, source and desti-
nation Layer 4 ports, and protocol type within IPv6 packets.
Extended MAC: Match criteria can be based on the source and
destination MAC addresses, 802.1p user priority, VLAN ID, and
EtherType value within Ethernet frames.
ACL Identifier
The name or number that identifies the ACL. The permitted identifier
depends on the ACL type. Standard and Extended IPv4 ACLs use
numbers within a set range, and Named IPv4 , IPv6, and MAC ACLs
use alphanumeric characters. The ID of a Named IPv4 ACL must
begin with a letter, and not a number.
Submit
Click
Submit
to save the values.
Cancel
Click
Cancel
to close the window.
Содержание EKI-9512-C0IDW10E
Страница 1: ...User Manual EKI 9500 Series Full Managed Ethernet Switches...
Страница 20: ...Chapter 1 1Product Overview...
Страница 28: ...Chapter 2 2Switch Installation...
Страница 38: ...Chapter 3 3Configuration Utility...
Страница 43: ...Chapter 4 4Managing Switch...