Access Control
IPv4-based ACLs
Cisco 500 Series Stackable Managed Switch Administration Guide 586
27
• Source MAC Address—Select Any if all source address are acceptable or
User defined to enter a source address or range of source addresses.
• Source MAC Address Value—Enter the MAC address to which the source
MAC address is to be matched and its mask (if relevant).
• Source MAC Wildcard Mask—Enter the mask to define a range of MAC
addresses.
• VLAN ID—Enter the VLAN ID section of the VLAN tag to match.
• 802.1p—Select Include to use 802.1p.
• 802.1p Value—Enter the 802.1p value to be added to the VPT tag.
• 802.1p Mask—Enter the wildcard mask to be applied to the VPT tag.
• Ethertype—Enter the frame Ethertype to be matched.
STEP 5 Click Apply. The MAC-based ACE is saved to the Running Configuration file.
IPv4-based ACLs
IPv4-based ACLs are used to check IPv4 packets, while other types of frames,
such as ARPs, are not checked.
The following fields can be matched:
• IP protocol (by name for well-known protocols, or directly by value)
• Source/destination ports for TCP/UDP traffic
• Flag values for TCP frames
• ICMP and IGMP type and code
• Source/destination IP addresses (including wildcards)
• DSCP/IP-precedence value
NOTE ACLs are also used as the building elements of flow definitions for per-flow QoS
handling.
The IPv4 Based ACL page enables adding ACLs to the system. The rules are
defined in the IPv4 Based ACE page.
To Next Page
Loading...
