Access Control List Vlan Summary - Ubiquiti EdgeSwitch ES-24-250W Administration Manual

EdgeSwitch Administration Guide
™

Access Control List VLAN Summary

Use this page to associate one or more ACLs with one or more VLANs on the device.
To display the Access Control List VLAN Summary page, click QoS > Access Control Lists > Interfaces in the
navigation menu.
Field
VLAN ID
Direction
Sequence Number
ACL Type
ACL Identifier
Use the buttons to perform the following tasks:
• To associate an ACL with a VLAN, click Add, configure the settings, and click Submit to apply the changes.
• To remove the association between a VLAN and an ACL, select each entry to delete and click Remove. You
must confirm the action before the entry is deleted.
• Click Refresh to refresh the page with the most current data from the switch.
To retain the changes across the switch's next power cycle, click System > Configuration Storage > Save.
Ubiquiti Networks, Inc.
Access Control List VLAN Summary
Access Control List VLAN Summary Fields
Description
The ID of the VLAN associated with the rest of the data in the row. When associating a VLAN with an
ACL, use this field to select the desired VLAN.
Indicates whether the packet is checked against the rules in an ACL when it is received on a VLAN
(Inbound) or after it has been received, routed, and is ready to exit a VLAN (Outbound).
The order the ACL is applied to traffic on the VLAN relative to other ACLs associated with the VLAN
in the same direction. When multiple ACLs are applied to the same VLAN in the same direction, the
ACL with the lowest sequence number is applied first, and the other ACLs are applied in ascending
numerical order.
The ACL type, which determines what criteria can be used to match packets. The type also determines
which attributes can be applied to matching traffic. IPv4 ACLs classify Layer-3 and Layer-4 IPv4 traffic,
IPv6 ACLs classify Layer-3 and Layer-4 IPv6 traffic, and MAC ACLs classify Layer-2 traffic. The ACL types
are as follows:
• IPv4 Standard Match criteria is based on the source address of IPv4 packets.
• IPv4 Extended Match criteria can be based on the source and destination addresses, source and
destination Layer-4 ports, and protocol type of IPv4 packets.
IPv4 Named
• Match criteria is the same as IPv4 Extended ACLs, but the ACL ID can be an
alphanumeric name instead of a number.
• IPv6 Named Match criteria can be based on information including the source and destination
IPv6 addresses, source and destination Layer-4 ports, and protocol type within IPv6 packets.
• Extended MAC Match criteria can be based on the source and destination MAC addresses, 802.1p
user priority, VLAN ID, and EtherType value within Ethernet frames.
The name or number that identifies the ACL. The permitted identifier depends on the ACL type.
Standard and Extended IPv4 ACLs use numbers within a set range, and Named IPv4, IPv6, and MAC
ACLs use alphanumeric characters.
Configuring Quality of Service
237