Access Control
IPv4-based ACLs
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 482
24
• Source IP Wildcard Mask—Enter the mask to define a range of IP
addresses. Note that this mask is different than in other uses, such as subnet
mask. Here, setting a bit as 1 indicates don't care and 0 indicates to mask that
value.
NOTE Given a mask of 0000 0000 0000 0000 0000 0000 1111 1111 (which
means that you match on the bits where there is 0 and don't match on the bits
where there are 1's). You need to translate the 1's to a decimal integer and
you write 0 for each four zeros. In this example since 1111 1111 = 255, the
mask would be written: as 0.0.0.255.
• Destination IP Address—Select Any if all destination address are
acceptable or User defined to enter a destination address or range of
destination addresses.
• Destination IP Address Value—Enter the IP address to which the
destination IP address is to be matched.
• Destination IP Wildcard Mask—Enter the mask to define a range of IP
addresses.
• Source Port—Select one of the following:
- Any—Match to all source ports.
- Single—Enter a single TCP/UDP source port to which packets are
matched. This field is active only if 800/6-TCP or 800/17-UDP is selected
in the Select from List drop-down menu.
- Range—Select a range of TCP/UDP source ports to which the packet is
matched. There are eight different port ranges that can be configured
(shared between source and destination ports). TCP and UDP protocols
each have eight port ranges.
• Destination Port—Select one of the available values that are the same as
the Source Port field described above.
NOTE You must specify the IP protocol for the ACE before you can enter the
source and/or destination port.
• TCP Flags—Select one or more TCP flags with which to filter packets.
Filtered packets are either forwarded or dropped. Filtering packets by TCP
flags increases packet control, which increases network security.
• Type of Service—The service type of the IP packet.
-
Any
—Any service type
To Next Page
Loading...
Need help?
General
