Configuring Device Security
Defining Access Control
Cisco Small Business SFE/SGE Managed Switches Administration Guide 95
4
• New Rule Priority — Indicates the ACE priority, which determines which ACE is
matched to a packet on a first-match basis. The possible field values are 1-
2147483647.
• Source MAC Address:
-
MAC Addres
s — Matches the source MAC address from which packets
are addressed to the ACE.
-
Wildcard Mask
— Indicates the source MAC Address wildcard mask.
Wildcards are used to mask all or part of a source MAC Address.
Wildcard masks specify which octets are used and which octets are
ignored. A wildcard mask of ff:ff:ff:ff:ff:ff indicates that no octet is
important. A wildcard of 00:00:00:00:00:00 indicates that all the octets
are important. For example, if the source MAC address
09:00:07:A9:B2:EB and the wildcard mask is 00:ff:00:ff:00:ff, the 1st, 3rd,
and 5th octets of the MAC address are checked, while the 2nd, 4th, and
6th octets are ignored.
• Dest. MAC Address:
-
MAC Address
— Matches the destination MAC address to which
packets are addressed to the ACE.
-
Wildcard Mask
— Indicates the destination MAC Address wildcard
mask. Wildcards are used to mask all or part of a destination MAC
Address. Wildcard masks specify which octets are used and which
octets are ignored. A wildcard mask of ff:ff:ff:ff:ff:ff indicates that no octet
is important. A wildcard of 00:00:00:00:00:00 indicates that all the octets
are important. For example, if the destination IP address
09:00:07:A9:B2:EB and the wildcard mask is 00:ff:00:ff:00:ff, the 1st, 3rd,
and 5th octets of the MAC address are checked, while the 2nd, 4th, and
6th octets are ignored.
• VLAN ID — Matches the packet’s VLAN ID to the ACE. The possible field values
are 1 to 4095.
• Inner VLAN — Matches the ACE to the inner VLAN ID of a double tagged
packet.
• 802.1p — Displays the packet tag value.
• 802.1p Mask — Displays the wildcards bits to be applied to the CoS.
• Ethertype — Displays the Ethernet type of the packet.
• Action — Indicates the ACL forwarding action. The possible field values are:
To Next Page
Loading...
