Access Control
IPv4-based ACLs
Cisco 500 Series Stackable Managed Switch Administration Guide
• Source MAC Address—Select Any if all source addresses are acceptable or
User defined to enter a source address or range of source addresses.
• Source MAC Address Value—Enter the MAC address to which the source
MAC address is to be matched and its mask (if relevant).
• Source MAC Wildcard Mask—Enter the mask to define a range of MAC
addresses.
• VLAN ID—Enter the VLAN ID section of the VLAN tag to match.
• 802.1p—Select Include to use 802.1p.
• 802.1p Value—Enter the 802.1p value to be added to the VPT tag.
• 802.1p Mask—Enter the wildcard mask to be applied to the VPT tag.
• Ethertype—Enter the frame Ethertype to be matched.
STEP 5 Click Apply. The MAC-based ACE is saved to the Running Configuration file.
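The following is an added example, not taken from the Cisco guide, that models how the MAC-based ACE fields listed above combine when a frame is checked. It assumes the Cisco wildcard-mask convention (a 1 bit means "ignore this bit", a 0 bit means "must match") and treats the 802.1p value and mask as a match on the VPT bits; the `MacAce` class, its field names and the sample frames are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

def mac_to_int(mac: str) -> int:
    """Parse aa:bb:cc:dd:ee:ff (also '-' or '.' separated) into a 48-bit integer."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return int(digits, 16)

def wildcard_match(value: int, pattern: int, wildcard: int, width: int) -> bool:
    """Assumed convention: wildcard 1-bits are ignored, 0-bits must be equal."""
    care = ~wildcard & ((1 << width) - 1)
    return (value & care) == (pattern & care)

@dataclass
class MacAce:
    # Hypothetical model; None stands for "Any" or a field that is not included.
    src_mac: Optional[str] = None
    src_wildcard: str = "00:00:00:00:00:00"   # all zeros = exact match
    vlan_id: Optional[int] = None
    dot1p: Optional[int] = None
    dot1p_mask: int = 0
    ethertype: Optional[int] = None
    def matches(self, frame: dict) -> bool:
        if self.src_mac is not None and not wildcard_match(
                mac_to_int(frame["src"]), mac_to_int(self.src_mac),
                mac_to_int(self.src_wildcard), 48):
            return False
        if self.vlan_id is not None and frame.get("vlan") != self.vlan_id:
            return False
        if self.dot1p is not None and not wildcard_match(
                frame.get("pcp", 0), self.dot1p, self.dot1p_mask, 3):
            return False
        if self.ethertype is not None and frame.get("ethertype") != self.ethertype:
            return False
        return True

# Constructed sample: one ACE (OUI 00:1b:54, VLAN 20, VPT 4-7, IPv4) and three frames.
ACE = MacAce(src_mac="00:1b:54:00:00:00", src_wildcard="00:00:00:ff:ff:ff",
             vlan_id=20, dot1p=4, dot1p_mask=0b011, ethertype=0x0800)
FRAMES = [
    {"src": "00:1b:54:12:34:56", "vlan": 20, "pcp": 5, "ethertype": 0x0800},
    {"src": "00:1b:55:12:34:56", "vlan": 20, "pcp": 5, "ethertype": 0x0800},
    {"src": "00:1b:54:aa:bb:cc", "vlan": 20, "pcp": 2, "ethertype": 0x0800},
]
def evaluate() -> list:
    """Return the match result of ACE against each constructed frame."""
    return [ACE.matches(f) for f in FRAMES]
```

Entering a subnet-style mask such as `ff:ff:ff:00:00:00` under this convention ignores the vendor prefix and compares only the low 24 bits, so it is worth checking a new ACE against known-good and known-bad addresses before relying on it.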
IPv4-based ACLs
IPv4-based ACLs are used to check IPv4 packets, while other types of frames,
such as ARPs, are not checked.
The following fields can be matched:
• IP protocol (by name for well-known protocols, or directly by value)
• Source/destination ports for TCP/UDP traffic
• Flag values for TCP frames
• ICMP and IGMP type and code
• Source/destination IP addresses (including wildcards)
• DSCP/IP-precedence value
NOTE ACLs are also used as the building elements of flow definitions for per-flow QoS
handling.
The IPv4 Based ACL page enables adding ACLs to the system. The rules are
defined in the IPv4 Based ACE page.