Configuration Guide Configuring ACL
Whether the MAC extended ACL is a named or numbered ACL, you can run the following command in MAC extended ACL mode to add an ACE:
[ sn ] { permit | deny } { any | host src-mac-addr } { any | host dst-mac-addr } [ ethernet-type ] [ cos cos ] [ inner cos ] [ time-range tm-rng-name ]
For a numbered MAC extended ACL, you can also run the following command in global configuration mode to add an ACE:
access-list acl-id { permit | deny } { any | host src-mac-addr } { any | host dst-mac-addr } [ ethernet-type ] [ cos cos ] [ inner cos ] [ time-range time-range-name ]
Applying a MAC Extended ACL
By default, the MAC extended ACL is not applied to any interface, that is, the created MAC extended ACL does not filter
incoming or outgoing L2 packets of a device.
Run the mac access-group { acl-id | acl-name } { in | out } command in interface configuration mode to apply a MAC extended ACL to a specified interface.
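The following is an added example (not taken from this guide) that puts the two command forms above together: a named MAC extended ACL that drops L2 frames from one source MAC address and permits everything else, applied inbound on one interface, followed by the equivalent numbered form. The MAC address, ACL name, ACL ID 700, the interface name, and the mac access-list extended command used to enter MAC extended ACL mode are assumptions; only the ACE and mac access-group syntax come from this section.

```text
! Named MAC extended ACL (assumed mode-entry command; name is constructed)
Ruijie(config)# mac access-list extended block-rogue-host
! Sequence number 10: drop frames from the constructed source MAC 0000.1111.2222, any destination
Ruijie(config-mac-nacl)# 10 deny host 0000.1111.2222 any
! Sequence number 20: let all other L2 traffic through
Ruijie(config-mac-nacl)# 20 permit any any
Ruijie(config-mac-nacl)# exit
! Apply the ACL to incoming frames on the interface (interface name is constructed)
Ruijie(config)# interface gigabitethernet 0/1
Ruijie(config-if)# mac access-group block-rogue-host in

! Equivalent numbered form from global configuration mode
! (ID 700 is assumed to lie in the MAC extended ACL ID range, which this section does not state)
Ruijie(config)# access-list 700 deny host 0000.1111.2222 any
Ruijie(config)# access-list 700 permit any any
Ruijie(config)# interface gigabitethernet 0/1
Ruijie(config-if)# mac access-group 700 in
```

ACEs are evaluated in order, so the deny must precede the permit; the trailing permit any any is there because an applied ACL drops frames that match no ACE, which would otherwise cut off all other L2 traffic on the interface. Before applying an ACL inbound on an uplink, check that the management and control traffic you rely on is still permitted.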
11.3.3 Expert Extended ACL
You can create an expert extended ACL to match the L2 and L3 information in packets using the same rule. The expert
extended ACL can be treated as a combination and enhancement of the IP ACL and the MAC extended ACL because the
expert extended ACL can contain ACEs in both the IP ACL and the MAC extended ACL. In addition, the VLAN ID can be
specified in the expert extended ACL to filter packets.
Working Principle
Define a series of access rules in the expert extended ACL, and then apply the ACL in the incoming or outgoing direction of
an interface. The device checks whether incoming or outgoing packets match the rules and accordingly forwards or blocks
these packets.
To configure an expert extended ACL, you must specify a unique name or ID for this ACL so that the device can uniquely identify each ACL. The following table lists the ID range of the expert extended ACL.
When an expert extended ACL is created, defined rules can be applied to all packets. The device determines whether to
forward or block packets by checking whether packets match these rules.
Typical rules defined in an expert extended ACL include:
All information in the basic ACL and MAC extended ACL
VLAN ID
The expert extended ACL (ID range: 2700–2899) is a combination of the basic ACL and MAC extended ACL, and can filter
packets based on the VLAN ID.