Access Control
IPv4-based ACLs
STEP 1
STEP 2
STEP 3
STEP 4
Cisco 500 Series Stackable Managed Switch Administration Guide
Adding Rules (ACEs) to an IPv4-Based ACL
To add rules (ACEs) to an IPv4-based ACL:
Click Access Control > IPv4-Based ACE. The IPv4-Based ACE page is
displayed.
Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are
displayed.
Click Add. The Add IPv4 Based ACE page is displayed.
Enter the parameters.
•
ACL Name—Displays the name of the ACL.
•
Priority—Enter the priority. ACEs with higher priority are processed first.
•
Action—Select the action assigned to the packet matching the ACE. The
options are as follows:
Permit
-
—Forward packets that meet the ACE criteria.
Deny
-
—Drop packets that meet the ACE criteria.
Shutdown
-
—Drop packet that meets the ACE criteria and disable the port
to which the packet was addressed. Ports are reactivated from the Port
Management page.
•
Time Range—Select to enable limiting the use of the ACL to a specific time
range.
•
Time Range Name—If Time Range is selected, select the time range to be
used. Time ranges are defined in the
•
Protocol—Select to create an ACE based on a specific protocol or protocol
ID. Select Any (IPv4) to accept all IP protocols. Otherwise select one of the
following protocols from the drop-down list:
ICMP
-
—Internet Control Message Protocol
IGMP
-
—Internet Group Management Protocol
-
IP in IP
—IP in IP encapsulation
TCP
-
—Transmission Control Protocol
EGP
-
—Exterior Gateway Protocol
-
IGP
—Interior Gateway Protocol
Time Range
section.
24
403