Manage Device Security
363
M4100 Series Managed Switch
The choices are permit or deny.
10. Use Logging to enable logging for this ACL rule (subject to resource availability in the
device).
If the Access List Trap flag is also enabled, this causes periodic traps to be generated
indicating the number of times this rule was 'hit' during the current report interval. A fixed
5 minute report interval is used for the entire system. A trap is not issued if the ACL rule
hit count is zero for the current interval. This field is visible for a Deny action.
11. Use Assign Queue ID to specify the hardware egress queue identifier used to handle all
packets matching this IPv6 ACL rule.
The valid range of queue IDs is 0 to 7. This field is visible for a Permit action.
12. Use Mirror Interface to specify the specific egress interface where the matching traffic
stream is copied in addition to being forwarded normally by the device.
This field cannot be set if a redirect interface is already configured for the ACL rule. This
field is visible for a Permit action.
13. Use Redirect Interface to specify the specific egress interface where the matching traffic
stream is forced, bypassing any forwarding decision normally performed by the device.
This field cannot be set if a mirror interface is already configured for the ACL rule. This
field is visible for a Permit action.
14. Use Match Every to select True or False.
True signifies that all packets match the selected IPv6 ACL and rule and is either
permitted or denied. In this case, since all packets match the rule, the option of
configuring other match criteria is not offered. To configure specific match criteria for the
rule, remove the rule and re-create it, or reconfigure 'Match Every' to 'False' for the other
match criteria to be visible.
15. Protocol. There are two ways to configure IPv6 protocol:
a. Specify an integer ranging from 1 to 255 after selecting protocol keyword other. This
number represents the IP protocol.
b. Select the name of a protocol from the existing list of Internet Protocol (IPv6),
Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet
Control Message Protocol (ICMPv6).
16. Use Source Prefix / Prefix Length to specify IPv6 prefix combined with IPv6 prefix length
of the network or host from which the packet is being sent.
Prefix length can be in the range 0 to 128.
17. Use Source L4 Port to specify a packet's source Layer 4 port as a match condition for the
selected IPv6 ACL rule.
Source port information is optional. Source port information can be specified in two ways:
• Select the keyword other from the menu and specify the number of the port in the
range from 0 to 65535.
To Next Page
Loading...
Need help?
General
