Netgear M4300-24X24F (XSM4348S) - Stackable Managed Switch with 48x10G including 24x10GBASE-T and 24xSFP+ Layer 3 Administrator's Guide
ACLs
Managed Switches
Figure 19. IP ACL with rules for TCP traffic and UDP traffic
CLI: Set Up an IP ACL with Two Rules
The following is an example of configuring ACL support on a 7000 Series Managed Switch.
1. Create ACL 101. Define the first rule: The ACL will permit packets that match the specified
source IP address (after the mask has been applied), that are carrying TCP traffic, and that
are sent to the specified destination IP address.
2. Define the second rule for ACL 101 to set conditions for UDP traffic similar to those for TCP
traffic.
Enter these commands:
(Netgear Switch) #config
(Netgear Switch) (Config)#access-list 101 permit tcp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
(Netgear Switch) (Config)#access-list 101 permit udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255
[Figure 19 labels: addresses 192.168.77.1, 192.168.77.4, 192.168.77.9, 192.168.77.2; Layer 2 switch; Layer 3 switch; Port 1/0/2; ACL 1.
TCP packet to 192.178.88.3 rejected. Dest. IP not in range.
TCP packet to 192.178.77.3 accepted. Dest. IP in range.]