Mac Acl Example Configuration - NETGEAR S3600 Series User Manual

S3600 Series 8- or 16-Port 10G/Multi-Gigabit Ethernet Smart Switch with 2 SFP+ Ports
traffic that matches the criteria to a particular queue or redirect the traffic to a
particular port. A default deny all rule is the last rule of every list.
2. Apply the access list to an interface in the inbound direction.
The switch allow ACLs to be bound to physical ports and LAGs. The switch supports
MAC ACLs, IPv4 ACLs, and IPv6 ACLs.

MAC ACL example configuration

The following example shows how to create a MAC-based ACL that permits IPv4 traffic
on the VLAN with ID 2 from a particular computer in the sales department (the computer
is identified by its MAC address), sends the traffic to a specific queue on specific ports,
and denies all other traffic on those ports.
In this example, you do the following:
1. Create a MAC ACL with the name Sales_ACL.
2. Create a rule with the following criteria:
• Sequence Number: 1
• Action: Permit
• Assign Queue ID: 4
• Match Every: No
• EtherType: IPv4
• Source MAC address: 02:02:1A:BC:DE:EF
• Source MAC Mask: 00:00:00:00:FF:FF
• VLAN ID: 2, which is the VLAN that is used for the sales department.
3. Bind the Sales_ACL to ports 6, 7, and 8.
To configure the MAC ACL example:
1. Connect your computer to the same network as the switch.
You can use a WiFi or wired connection to connect your computer to the network,
or connect directly to a switch that is off-network using an Ethernet cable.
2. Launch a web browser and enter the IP address of the switch in the address field of
your web browser.
If you do not know the IP address of the switch, see Access the switch on-network
and connected to the Internet on page 25 or Access the switch off-network and not
connected to the Internet on page 32.
The Device Admin Password page displays.
Configuration Examples 569 User Manual