Netgear M4100-D12G-POE+ (GSM5212P) - ProSAFE Gigabit L2+ Managed Switch User Manual
Manage Device Security
347
M4100 Series Managed Switch
•
ACL Based on Destination IPv6 L4 Port. To create an ACL based on the
destination IPv6 Layer 4 port number.
•
ACL Based on Source IPv6 L4 Port. To create an ACL based on the source IPv6
Layer 4 port number.
9.
Use Rule ID to enter a whole number in the range of 1 to 511.
This number is used to identify the rule.
10.
Use Action to specify what action should be taken if a packet matches the rule's criteria.
The choices are permit or deny.
11.
Select True or False from the Match Every menu.
True indicates that all packets match the selected ACL and rule and is either permitted or
denied. In this case, since all packets match the rule, the option of configuring other
match criteria is not offered. To configure specific match criteria for the rule, remove the
rule and re-create it, or reconfigure Match Every to False for the other match criteria to
be visible.
denied. In this case, since all packets match the rule, the option of configuring other
match criteria is not offered. To configure specific match criteria for the rule, remove the
rule and re-create it, or reconfigure Match Every to False for the other match criteria to
be visible.
12.
Use Destination MAC to specify the destination MAC address to compare against an
Ethernet frame.
Ethernet frame.
The valid format is xx:xx:xx:xx:xx:xx. The BPDU keyword can be specified using a
destination MAC address of 01:80:C2:xx:xx:xx.
destination MAC address of 01:80:C2:xx:xx:xx.
13.
Use Destination MAC Mask to specify the destination MAC address mask specifying which
bits in the destination MAC to compare against an Ethernet frame.
bits in the destination MAC to compare against an Ethernet frame.
The valid format is xx:xx:xx:xx:xx:xx. The BPDU keyword can be specified using a
destination MAC mask of 00:00:00:ff:ff:ff.
destination MAC mask of 00:00:00:ff:ff:ff.
14.
To add a new rule to the ACL, click the ADD button.
15.
To remove the currently selected rule from the ACL, click the DELETE button.
16.
Click the APPLY button.
Updated configuration is sent to the switch. Configuration changes take effect
immediately.
immediately.
Create a MAC ACL
A MAC ACL consists of a set of rules that are matched sequentially against a packet. When a
packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and
the additional rules are not checked for a match.
the additional rules are not checked for a match.
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
1.
Create the ACL name (see the following procedure in this topic).
2.
Create rules for the ACL (see
3.
Assign the ACL by its name to a port (see
4.
Optionally, view the configurations (see