Managing Device Security
202
GS752TP, GS728TP, and GS728TPP Gigabit Smart Switches
• Destination L4 Port Number: If the destination L4 keyword is Other, enter a
user-defined port ID by which packets are matched to the rule.
• Service Type. Select one of the Service T
ype match conditions for the extended IP
ACL rule. The possible values are IP DSCP, IP precedence, and IP ToS, which are
alternative ways of specifying a match criterion for the same Service Type field in the
IP header; however, each uses a different user notation. After you select the service
type, specify the value associated with the type.
• IP DSCP: Specify the IP Dif
fServ Code Point (DSCP) value. The DSCP is defined
as the high-order 6 bits of the service type octet in the IP header
. Select an IP
DSCP value from the list. To specify a numeric value in the available field, select
Other from the list and type an integer from 0 to 63 in the field.
4. Click ADD.
To modify an existing IP Extended ACL rule, click in the Rule ID field. The number is a
hyperlink to the Extended ACL Rule Configuration screen.
If you modify the rule, click APPLY to submit the changes to the switch.
IPv6 ACL
An IPv6 ACL consists of a set of rules that are matched sequentially against a packet. When
a packet meets the match criteria of a rule, the specified rule action (permit or deny) is taken,
and the additional rules are not checked for a match. On this screen, the interfaces to which
an IP ACL applies must be specified, as well as whether it applies to inbound or outbound
traffic.
To add an IPv6 ACL:
1. Select Security
ACL, then click the Advanced IPv6 ACL link.
The following screen displays:
To Next Page
Loading...
Need help?
General
Weight and Dimensions
