EasyManua.ls Logo

D-Link DES-3052P - Page 179

D-Link DES-3052P
358 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
DES-3028 DES-3028P DES-3028G DES-3052 DES-3052P Layer 2 Fast Ethernet Switch CLI Reference Manual
174
config access_profile
implemented using the following equation – 64 value = 64kbit/sec. The user may select a value
between 64- 1024000 or no limit. The default setting is no limit.
deny – Specifies that packets that do not match the access profile are not permitted to be
forwarded by the Switch and will be filtered.
time_range <range_name 32> – Choose this parameter and enter the name of the Time Range
settings that has been previously configured using the config time_range command. This will
set specific times when this access rule will be enabled or disabled on the Switch.
delete access_id <value 1-65535> Use this command to delete a specific ACL rule from the
Ethernet profile, IP profile or packet_content profile. Up to 256 rules may be specified for all
access profiles.
Restrictions
Only Administrator-level users can issue this command.
Restriction: When the ACL rule is configured, the VLAN and DSCP cant be configured with
source IP, destination IP or replace priority it can only be configured with DSCP.
Example usage:
To configure the access profile with the profile ID of 1 to filter frames on port 7 that have IP addresses in the range
between 10.42.73.0 to 10.42.73.255:
DES-3028P:4# config access
_
profile profile
_
id 1 add access
_
id 1 ip source
_
ip
10.42.73.1 port 7 deny
Command: config access
_
profile profile
_
id 1 add access
_
id 1 ip source
_
ip
10.42.73.1 port 7 deny
Success.
DES-3028P:4#
show access_profile
Purpose Used to display the currently configured access profiles on the Switch.
Syntax
show access_profile profile_id <value 1-256>
Description The show access_profile command is used to display the currently configured
access profiles.
Parameters profile_id <value 1-256> – Specify the profile id to display only the access rules
configuration for a single profile ID. The user may enter a profile ID number
between 1 and 256.
Restrictions None.
NOTE: Address Resolution Protocol (ARP) is the standard for finding a host's hardware address (MAC
Address). However, ARP is vulnerable as it can be easily spoofed and utilized to attack a LAN (known as
ARP spoofing attack). For a more detailed explaination on how ARP protocol works and how to employ D-
Link’s advanced unique Packet Content ACL to prevent an ARP spoofing attack, please see Appendix B,
at the end of this manual.

Table of Contents

Other manuals for D-Link DES-3052P

Preview: User Manual
User Manual273 pages

Related product manuals