Table of Contents
Advertisement
D-Link Unified Access System
Field
IP ACL
IP ACL ID
IP ACL Name
The ACL Table at the bottom of the page shows the current size of the ACL table versus the maximum size of the ACL table.
The current size is equal to the number of configured IPv4 and IPv6 ACLs plus the number of configured MAC ACLs. The
maximum size is 100.
•
To add an IP ACL, select the type of ACL to add from the IP ACL menu, enter an ACL ID in the appropriate field, and
then click Submit.
•
To delete an IP ACL, select the ACL ID from the IP ACL menu, and then click Delete. The Delete button only appears if
a configured IP ACL is selected.
IP ACL Rule Configuration
Use the IP ACL Rule Configuration page to define rules for IP-based ACLs created using the IP Access Control List
Configuration page. The access list definition includes rules that specify whether traffic matching the criteria is forwarded
normally or discarded. Additionally, you can specify to assign traffic to a particular queue and/or mirror the traffic to a
particular port.
There is an implicit "deny all" rule at the end of an ACL list. This means that if an ACL is applied to a
packet and if none of the explicit rules match, then the final implicit "deny all" rule applies and the packet
is dropped.
To display the IP ACL Rule Configuration page, click LAN > QoS > Access Control Lists > IP Access Control Lists >
Rule Configuration in the navigation menu.
The fields available on the page depend on whether you select a standard, extended, or named IP ACL from the IP ACL
field, whether the rule action is permit or deny, and whether you select Create Rule or an existing rule from the Rule field.
Figure 243
shows the fields available when Create Rule is selected in the Rule field.
Page 346
Configuring Access Control Lists
Table 218: IP ACL Configuration Fields
Description
Select a type of ACL to create, or select an existing ACL to delete from the dropdown
menu. You can create the following types of IP ACLs:
• Standard IP ACL: Allows you to permit or deny traffic from a source IP address.
• Extended IP ACL: Allows you to permit or deny specific types of layer 3 or layer 4
traffic from a source IP address to a destination IP address. This type of ACL provides
more granularity and filtering capabilities than the standard IP ACL.
• Named IP ACL: Allows you to create an Extended IP ACL that is identified by a name
rather than a number. These ACLs have the same capabilities as Extended IP ACLs
with respect to match criteria and actions supported.
Enter an ID number for the ACL to configure. This field appears if you select Create
Standard IP ACL or Create Extended IP ACL from the IP ACL dropdown menu. For a
standard IP ACL, the acceptable ID values are 1-99. For an extended IP ACL, the
acceptable ID values are 101-199.
This field appears if you select Create New Named IP ACL from the IP ACL dropdown
menu. Specify an IP ACL Name string which includes only alphanumeric characters.
The name must start with an alphabetic character. This field will display the name of
the currently selected IP ACL if the ACL has already been created.
Software User Manual
Document 34CSFP6XXUWS-SWUM100-D7
12/10/09
- Quick Links:
- Section 1: Getting Started
Hide quick links:
Advertisement
Table of Contents
