Configuring Device Security
Defining Access Control
Cisco Small Business SFE/SGE Managed Switches Administration Guide 111
4
Add IP Based Rule Page
The
Add IP Based Rule Page
contains the following fields:
• ACL Name — Displays the user-defined IP based ACLs.
• New Rule Priority — Indicates the rule priority, which determines which rule is
matched to a packet on a first-match basis.
• Protocol — Creates an ACE based on a specific protocol. For a list of available
protocols, see the Protocol field description in the
IP Based ACL Page
above.
• Source Port — Defines the TCP/UDP source port to which the ACE is matched.
This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select
from List drop-down menu. The possible field range is 0 - 65535.
• Destination Port — Defines the TCP/UDP destination port. This field is active
only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-
down menu. The possible field range is 0 - 65535.
• TCP Flags — Filters packets by TCP flag. Filtered packets are either forwarded
or dropped. Filtering packets by TCP flags increases packet control, which
increases network security. The possible field values are:
• ICMP — Indicates if ICMP packets are permitted on the network. The possible
field values are as follows:.
• ICMP Code — Indicates and ICMP message code for filtering ICMP packets.
ICMP packets that are filtered by ICMP message type can also be filtered by
the ICMP message code.
To Next Page
Loading...
