Cisco 500 series Administration Manual page 403

Access Control
IPv4-based ACLs
STEP 1
STEP 2
STEP 3
STEP 4
Cisco 500 Series Stackable Managed Switch Administration Guide
Adding Rules (ACEs) to an IPv4-Based ACL
To add rules (ACEs) to an IPv4-based ACL:
Click Access Control > IPv4-Based ACE. The IPv4-Based ACE page is
displayed.
Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are
displayed.
Click Add. The Add IPv4 Based ACE page is displayed.
Enter the parameters.
• ACL Name—Displays the name of the ACL.
• Priority—Enter the priority. ACEs with higher priority are processed first.
• Action—Select the action assigned to the packet matching the ACE. The
options are as follows:
Permit
- —Forward packets that meet the ACE criteria.
Deny
- —Drop packets that meet the ACE criteria.
Shutdown
- —Drop packet that meets the ACE criteria and disable the port
to which the packet was addressed. Ports are reactivated from the Port
Management page.
• Time Range—Select to enable limiting the use of the ACL to a specific time
range.
• Time Range Name—If Time Range is selected, select the time range to be
used. Time ranges are defined in the
• Protocol—Select to create an ACE based on a specific protocol or protocol
ID. Select Any (IPv4) to accept all IP protocols. Otherwise select one of the
following protocols from the drop-down list:
ICMP
- —Internet Control Message Protocol
IGMP
- —Internet Group Management Protocol
- IP in IP —IP in IP encapsulation
TCP
- —Transmission Control Protocol
EGP
- —Exterior Gateway Protocol
- IGP —Interior Gateway Protocol
Time Range section.
24
403