89
Table of Contents
Linksys
Table of Contents
Linksys
• Shutdown—Drop packet that meets the ACE criteria and disable the
port to which the packet was addressed. Ports are reactivated from
the Port Management page.
• Protocol—Select to create an ACE based on a specific protocol or protocol
ID. Select Any IPv4 to accept all IP protocols. Otherwise select one of the
following protocols from the drop-down list:
• ICMP—Internet Control Message Protocol
• IGMP—Internet Group Management Protocol
• IP in IP—IP in IP encapsulation
• TCP—Transmission Control Protocol
• UDP—User Datagram Protocol
• Protocol ID —Instead of selecting the name, enter the protocol ID.
• Source IP Address—Select Any if all source address are acceptable or User
Defined to enter a source address or range of source addresses.
• Source IP Address Value—Enter the IP address to which the source MAC
address is to be matched and its mask (if relevant).
• Source IP Wildcard Mask—Enter the mask to define a range of IP
addresses. Setting a bit as 1 indicates don’t care and 0 indicates to mask
that value.
NOTE:
Given a mask of 0000 0000 0000 0000 0000 0000 1111 1111 (which means
that you match on the bits where there is 0 and don’t match on the bits
where there are 1’s). You need to translate the 1’s to a decimal integer and
you write 0 for each four zeros. In this example since 1111 1111 = 255, the
mask would be written: as 0.0.0.255.
• Destination IP Address—Select Any if all destination address are
acceptable or User Defined to enter a destination address or range of
destination addresses.
• Destination IP Address Value—Enter the IP address to which the
destination IP address is to be matched.
• Destination IP Wildcard Mask—Enter the mask to define a range of
IP addresses.
• Source Port—Select one of the following:
• Any—Match to all source ports.
• Single Port—Enter a single TCP/UDP source port to which packets
are matched. This field is active only if 800/6-TCP or 800/17-UDP is
selected in the Select from List drop-down menu.
• Destination Port—Select one of the available values that are the same as
the Source Port field described above.
NOTE:
You must specify the IP protocol for the ACE before you can enter the source
and/or destination port.
• Type of Service—The service type of the IP packet.
• Any—Any service type
• DSCP to Match—Differentiated Serves Code Point (DSCP) to match
• IP Precedence to match—IP precedence is a model of TOS (type of
service) that the network uses to help provide the appropriate QoS
commitments. This model uses the 3 most significant bits of the service
type byte in the IP header, as described in RFC 791 and RFC 1349.
STEP 5 Click Apply. The IPv4-Based ACE is saved to the Running
Configuration file.
IPv6-Based ACL
To define an IPv6-Based ACL:
STEP 1 Click Configuration > Access Control List > IPv6 Based ACL.
This page contains all currently defined IPv6-Based ACLs.
STEP 2 Click Add.
STEP 3 Enter the name of the new ACL in the ACL Name field. The names are
case-sensitive.
STEP 4 Click Apply. The IPv6-Based ACL is saved to the Running
Configuration file.
IPv6-Based ACE
To add rules (ACEs) to an IPv6-Based ACL:
STEP 1 Click Configuration > Access Control List > IPv6-Based ACE.
STEP 2 Select an ACL, and click Search. All currently-defined IP ACEs for the
selected ACL are displayed.
To Next Page
Loading...
Need help?
General
