Cisco Cisco WAP321 Wireless-N Access Point with Single Point Setup 관리 매뉴얼
Client Quality of Service
ACL
Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE
119
7
When you select Deny, the rule blocks all traffic that meets the rule criteria
from entering or exiting the WAP device (depending on the ACL direction
you select). Traffic that does not meet the criteria is forwarded unless this
rule is the final rule. Because there is an implicit deny all rule at the end of
every ACL, traffic that is not explicitly permitted is dropped.
from entering or exiting the WAP device (depending on the ACL direction
you select). Traffic that does not meet the criteria is forwarded unless this
rule is the final rule. Because there is an implicit deny all rule at the end of
every ACL, traffic that is not explicitly permitted is dropped.
•
Match Every Packet—If selected, the rule, which either has a permit or deny
action, matches the frame or packet regardless of its contents.
action, matches the frame or packet regardless of its contents.
If you select this field, you cannot configure any additional match criteria. The
Match Every Packet option is selected by default for a new rule. You must
clear the option to configure other match fields.
Match Every Packet option is selected by default for a new rule. You must
clear the option to configure other match fields.
For IPv4 ACLs, configure these parameters:
•
Protocol—The Protocol field to use an Layer 3 or Layer 4 protocol match
condition based on the value of the IP Protocol field in IPv4 packets or the
Next Header field in IPv6 packets.
condition based on the value of the IP Protocol field in IPv4 packets or the
Next Header field in IPv6 packets.
If you select Protocol, select one of these options:
-
Select From List—Select one of these protocols: IP, ICMP, IGMP, TCP, or
UDP.
UDP.
-
Match to Value—Enter a standard IANA-assigned protocol ID from
0 to 255. Choose this method to identify a protocol not listed by name in
the Select From List.
0 to 255. Choose this method to identify a protocol not listed by name in
the Select From List.
•
Source IP Address—Requires a packet's source IP address to match the
address listed here. Enter an IP address in the appropriate field to apply this
criteria.
address listed here. Enter an IP address in the appropriate field to apply this
criteria.
•
Wild Card Mask—The source IP address wildcard mask.
The wildcard mask determines which bits are used and which bits are
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This field
is required when Source IP Address is checked.
ignored. A wildcard mask of 255.255.255.255 indicates that no bit is
important. A wildcard of 0.0.0.0 indicates that all bits are important. This field
is required when Source IP Address is checked.
A wildcard mask is basically the inverse of a subnet mask. For example, to
match the criteria to a single host address, use a wildcard mask of 0.0.0.0. To
match the criteria to a 24-bit subnet (for example, 192.168.10.0/24), use a
wildcard mask of 0.0.0.255.
match the criteria to a single host address, use a wildcard mask of 0.0.0.0. To
match the criteria to a 24-bit subnet (for example, 192.168.10.0/24), use a
wildcard mask of 0.0.0.255.
•
Source Port—Includes a source port in the match condition for the rule. The
source port is identified in the datagram header.
source port is identified in the datagram header.
If you select Source Port, choose the port name or enter the port number.