Device Security 93
L2 ACLs can apply to one or more interfaces.
Multiple access lists can be applied to a single interface; sequence number determines the order of
execution.
You can assign packets to queues using the assign queue option.
IP ACLs
IP ACLs classify for Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents
of a given field should be used to permit or deny access to the network, and may apply to one or more of
the following fields within a packet:
• Destination IP with wildcard mask
•Destination L4 Port
•Every Packet
•IP DSCP
• IP Precedence
•IP TOS
•Protocol
• Source IP with wildcard mask
•Source L4 port
• Destination Layer 4 port
ACL Configuration Process
To configure ACLs, follow these steps:
1
Create a MAC ACL by specifying a name.
2
Create an IP ACL by specifying a number.
3
Add new rules to the ACL.
4
Configure the match criteria for the rules.
5
Apply the ACL to one or more interfaces.
IP ACL CLI Examples
The script in this section shows you how to set up an IP ACL with two rules, one applicable to TCP
traffic and one to UDP traffic. The content of the two rules is the same. TCP and UDP packets will only
be accepted by the PowerConnect 6200 Series switch if the source and destination stations have IP
addresses that fall within the defined sets.
To Next Page
Loading...
