Manage Device Security
M4100 Series Managed Switch
• Logging. When set to Enable, logging is enabled for this ACL rule (subject to
resource availability in the device). If the Access List Trap flag is also enabled, this
causes periodic traps to be generated indicating the number of times this rule was 'hit'
during the current report interval. A fixed 5-minute report interval is used for the entire
system. A trap is not issued if the ACL rule hit count is zero for the current interval.
This field is visible for a Deny action.
• Assign Queue ID. Specifies the hardware egress queue identifier used to handle all
packets matching this IP ACL rule. The valid range of queue IDs is 0 to 7. This field is
visible when Permit is chosen as Action.
• Match Every. Select True or False. True signifies that all packets match the selected
IP ACL rule and are either permitted or denied. In this case, because all packets
match the rule, the option of configuring other match criteria is not offered. To
configure specific match criteria for the rule, remove the rule and recreate it, or
set Match Every to False so that the other match criteria become visible.
• Redirect Interface. Specifies the egress interface to which the matching traffic
stream is forced, bypassing any forwarding decision normally performed by the
device. This field cannot be set if a mirror interface is already configured for the ACL
rule. This field is enabled for a Permit action.
• Source IP Address. Enter an IP address in dotted-decimal notation to be
compared to a packet's source IP address as a match criterion for the selected IP ACL
rule.
• Source IP Mask. Specify the IP Mask in dotted-decimal notation to be used with the
Source IP address value.
• Rate Limit Conform Data Rate. Specifies the conforming data rate of the IP ACL
rule. The valid values are 1 to 4294967295 in Kbps.
• Rate Limit Burst Size. Specifies the burst size of the IP ACL rule. The valid values
are 1 to 128 in Kbytes.
• Time Range. Name of the time range associated with the IP ACL rule.
• Rule Status. Displays whether the ACL rule is active or inactive. Blank means that no
timer schedules are assigned to the rule.
9. To delete an IP ACL rule, select the check box associated with the rule, and then click the
DELETE button.
10. To update an IP ACL rule, select the check box associated with the rule, and then update
the desired fields.
You cannot modify the rule ID of an existing IP rule.
11. Click the APPLY button.
The updated configuration is sent to the switch. Configuration changes take effect
immediately.
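The field constraints listed above can be checked on paper before a rule is entered in the web interface. The following is an added example, not NETGEAR code: it runs offline against a planned rule described as a Python dictionary, and the key names (`action`, `queue_id`, `rate_kbps`, and so on) and sample interface names are hypothetical choices for this sketch.

```python
import ipaddress

# Hypothetical key names for this sketch; they are not switch identifiers.
MATCH_KEYS = ("src_ip", "src_mask")

def lint_rule(rule):
    """Return the problems found in one planned IP ACL rule (empty list = OK)."""
    action = rule.get("action")
    if action not in ("permit", "deny"):
        return ["action must be 'permit' or 'deny'"]
    problems = []
    # Logging is offered only for Deny; queue ID and redirect only for Permit.
    if rule.get("logging") and action != "deny":
        problems.append("logging requires a Deny action")
    for key in ("queue_id", "redirect_interface"):
        if key in rule and action != "permit":
            problems.append(f"{key} requires a Permit action")
    if "redirect_interface" in rule and "mirror_interface" in rule:
        problems.append("redirect_interface cannot be set with a mirror interface")
    # Match Every = True means no other match criteria can be configured.
    if rule.get("match_every"):
        problems += [f"{k} not allowed when match_every is True"
                     for k in MATCH_KEYS if k in rule]
    # Address and mask must be dotted-decimal IPv4 values (mask meaning is not checked).
    for key in MATCH_KEYS:
        if key in rule:
            try:
                ipaddress.IPv4Address(rule[key])
            except ValueError:
                problems.append(f"{key} is not dotted-decimal: {rule[key]!r}")
    # Documented ranges: queue 0-7, rate 1-4294967295 Kbps, burst 1-128 Kbytes.
    for key, low, high in (("queue_id", 0, 7),
                           ("rate_kbps", 1, 4294967295),
                           ("burst_kbytes", 1, 128)):
        if key in rule and not low <= rule[key] <= high:
            problems.append(f"{key} must be {low} to {high}")
    return problems

# Constructed sample rules, not taken from any real configuration.
SAMPLE_RULES = [
    {"action": "deny", "logging": True, "src_ip": "192.0.2.0"},
    {"action": "deny", "queue_id": 9},
    {"action": "permit", "match_every": True, "src_ip": "192.0.2.10",
     "redirect_interface": "1/0/5", "mirror_interface": "1/0/6"},
    {"action": "permit", "rate_kbps": 0, "burst_kbytes": 256, "src_ip": "192.0.2.300"},
]

if __name__ == "__main__":
    for number, rule in enumerate(SAMPLE_RULES, start=1):
        print(number, lint_rule(rule) or "OK")
```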