Managing Device Security
274
S3300 Smart Managed Pro Switch
MAC ACL
A MAC ACL consists of a set of rules which are matched sequentially against a packet. When
a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken
and the additional rules are not checked for a match.
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
1. Create the ACL ID. See MAC ACL on page 274.
2. Create a MAC rule. See MAC Rules on page 274.
3. Associate the MAC ACL with one or more interfaces. See MAC Binding Configuration on
page 277.
To add a MAC ACL:
1. Select Security > Basic > MAC ACL.
The MAC ACL table displays the number of ACLs currently configured in the switch and
the maximum number of ACLs that can be configured. The current size is equal to the
number of configured IPv4 ACLs plus the number of configured MAC ACLs.
2. In the Name field, specify a name for the MAC ACL.
The name string can include alphabetic, numeric, dash, underscore, or space characters
only. The name must start with an alphabetic character.
3. Click the Add button.
Each configured ACL displays the following information:
• Rules. The number of rules currently configured for the MAC ACL.
• Direction. The direction of packet traffic affected by the MAC ACL, which can be Inbound
or blank.
To change the name of a MAC ACL:
1. Select the check box next to the Name field for the ACL to modify.
2. In the Name field, specify the new name.
3. Click the Apply button.
To delete a MAC ACL:
1. Select the check box next to the Name field.
2. Click the Delete button.
MAC Rules
Use the MAC Rules screen to define rules for MAC-based ACLs. The access list definition
includes rules that specify whether traffic matching the criteria is forwarded normally or
discarded. A default deny all rule is the last rule of every list.
To Next Page
Loading...
