Configuring Device Security
Defining Access Control
STEP 2
Cisco Small Business SFE/SGE Managed Switches Administration Guide
•
Destination
-
IP Address — Matches the destination port IP address to which packets
are addressed to the ACE.
-
Prefix Length — Defines the IP route prefix for the destination IP. The
prefix length must be preceded by a forward slash /.
•
DCSP — Matches the packets DSCP value.
•
IP-Prec. — Matches the packet IP Precedence value to the ACE. Either the
DSCP value or the IP Precedence value is used to match packets to ACLs. The
possible field range is 0-7.
•
Action — Indicates the action assigned to the packet matching the ACL.
Packets are forwarded or dropped. In addition, the port can be shut down, a
trap can be sent to the network administrator, or packet is assigned rate
limiting restrictions for forwarding. The options are as follows:
-
Permit
— Forwards packets which meet the ACL criteria.
-
Deny
— Drops packets which meet the ACL criteria.
-
Shutdown
— Drops packet that meets the ACL criteria, and disables the
port to which the packet was addressed. Ports are reactivated from the
Port Management
Click the Add ACL button. The
page.
Add IPv6 Based ACL Page
4
opens:
116