NETGEAR XS728T ProSAFE - Ipv6 Acl; Ipv6 Rules

To Next Page

To Previous Page

Security

145

XS728T ProSAFE 28-Port 10-Gigabit L2+ Smart Switch

To modify an existing IP Extended ACL rule, click in the Rule ID field. The number is a

hyperlink to the Extended ACL Rule Configuration screen.

If you modify the rule, click Apply to submit the changes to the switch.

IPv6 ACL

An IPv6 ACL consists of a set of rules that are matched sequentially against a packet. When

a packet meets the match criteria of a rule, the specified rule action (permit or deny) is taken,

and the additional rules are not checked for a match. On this screen, the interfaces to which

an IP ACL applies must be specified, as well as whether it applies to inbound or outbound

traffic.

 To add an IPv6 ACL:

1. Select Security > ACL, then click the Advanced > IPv6 ACL link.

2. In the IPv6 ACL field, configure the name of IPv6 ACL.

• The number of the rules associated with the IP ACL is displayed in the Rules field.

• The ACL type is IPv6 ACL and is displayed in the Type field.

3. Click Add.

To delete an IPv6 ACL, select the check box associated with the rule and click Delete.

IPv6 Rules

Use the IPv6 Rules screen to configure the rules for the IPv6 access control lists. The IPv6

access control lists are created using the IPv6 ACL screen. By default, no specific value is in

effect for any of the IPv6 ACL rules.

 To add an IPv6 rule:

1. Select Security > ACL > Advanced > IPv6 Rules link.

2. From the pull-down list in the ACL Name field, select the IP ACL for which to create or

update a rule.

3. Configure the settings for the new rule.

• Rule ID. Enter a whole number in the range of 1–50 that is used to identify the rule.

An IPv6 ACL might have up to 50 rules.

• Action. Specify what action must be taken if a packet matches the rule's criteria. The

choices are Permit or Deny.

• Logging. When set to Enable, logging is enabled for this ACL rule (subject to

resource availability in the device). If the access list trap flag is also enabled, this

causes periodic traps to be generated indicating the number of times this rule was hit

during the current report interval. A fixed 5-minute report interval is used for the entire

system. A trap is not issued if the ACL rule hit count is 0 for the current interval. This

field is visible for a deny action.

• Match Every. Select Enable or Disable. Enable signifies that all packets that match

the selected IPv6 ACL and rule are either permitted or denied. In this case, since all

Related product manuals