Ip Extended Rules - NETGEAR XS728T ProSAFE Software Administration Manual

28-port 10-gigabit l2+ smart switch

Hide thumbs Also See for XS728T ProSAFE:

User manual (373 pages)

Hardware installation manual (31 pages)

Installation (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

Table of Contents

mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter

0.0.0.255 in the Source IP Mask field. This field is required when you configure a

source IP address.

Click Add.

Configuration changes take effect immediately.

To update an IP ACL rule, select the check box associated with the rule, update the desired

fields, and click Apply. You cannot modify the Rule ID of an existing IP rule.

IP Extended Rules

Use the IP Extended Rules screen to define rules for IP-based extended ACLs. The access

list definition includes rules that specify whether traffic matching the criteria is forwarded

normally or discarded.

Note:

There is an implicit "deny all" rule at the end of an ACL list. This rule

means that if an ACL is applied to a packet and if none of the explicit

rules match, the final implicit "deny all" rule applies and the packet is

dropped.

To configure rules for an IP ACL:



Click Security > ACL > Advanced > IP Extended Rules.

Select the ACL ID to add the rule to, and select the check box in the Extended ACL Rule

table.

Configure the fields for the new rule.

•

Rule ID. Specify a number from 1 to 50 to identify the IP ACL rule. You can create up

to 50 rules for each ACL.

•

Action. Select an ACL forwarding action:

•

Permit. Forwards packets which meet the ACL criteria.

•

Deny. Drops packets which meet the ACL criteria.

•

Logging. When set to Enable, logging is enabled for this ACL rule (subject to

resource availability in the device). If the access list trap flag is also enabled, this

causes periodic traps to be generated indicating the number of times this rule was hit

during the current report interval. A fixed 5-minute report interval is used for the entire

system. A trap is not issued if the ACL rule hit count is 0 for the current interval. This

field is available for a deny action.

•

Match Every. Requires a packet to match the criteria of this ACL. Select Enable or

Disable. Match Every is exclusive to the other filtering rules, so if Match Every is

enabled, the other rules on the screen are not available.

•

Protocol Type. Requires a packet's protocol to match the protocol listed here. Select

a type from the drop-down list, or enter the protocol number in the available field.

XS728T ProSAFE 28-Port 10-Gigabit L2+ Smart Switch

Security

143

Table of Contents

Show Quick Links

Quick Links:
Switch Management Interface

Hide quick links:

Table of Contents

Ip Extended Rules - NETGEAR XS728T ProSAFE Software Administration Manual

IP Extended Rules

Hide quick links:

Related Manuals for NETGEAR XS728T ProSAFE

Related Content for NETGEAR XS728T ProSAFE

Table of Contents