SNR S2940-8G-v2 Switch Configuration Guide
ACL Configuration
43.1.3 Access-list Action and Global Default Action
There are two access-list actions and default actions: 'permit' or 'deny'. The following rules apply:
• An access-list can consist of several rules. Filtering of packets compares packet conditions
to the rules, from the first rule to the first matched rule; the rest of the rules will not be
processed. Global default action applies only to IP packets in the incoming direction on the
ports.
• Global default action applies only when packet flirter is enabled on a port and no ACL is
bound to that port, or no binding ACL matches.
43.2 ACL Configuration Task List
ACL Configuration Task Sequence:
1. Configuring access-list
(a) Configuring a numbered standard IP access-list
(b) Configuring a numbered extended IP access-list
(c) Configuring a standard IP access-list based on nomenclature
i. Create a standard IP access-list based on nomenclature
ii. Specify multiple 'permit' or 'deny' rule entries
iii. Exit ACL Configuration Mode
(d) Configuring an extended IP access-list based on nomenclature
i. Create an extensive IP access-list based on nomenclature
ii. Specify multiple 'permit' or 'deny' rule entries
iii. Exit ACL Configuration Mode
(e) Configuring a numbered standard MAC access-list
(f) Configuring a numbered extended MAC access-list
(g) Configuring a extended MAC access-list based on nomenclature
i. Create a extensive MAC access-list based on nomenclature
ii. Specify multiple 'permit' or 'deny' rule entries
iii. Exit ACL Configuration Mode
(h) Configuring a numbered extended MAC-IP access-list
(i) Configuring a extended MAC-IP access-list based on nomenclature
i. Create a extensive MAC-IP access-list based on nomenclature
ii. Specify multiple 'permit' or 'deny' rule entries
iii. Exit MAC-IP Configuration Mode
(j) Configuring a numbered standard IPv6 access-list
(k) Configuring a numbered extended IPv6 access-list
280
To Next Page
Loading...
General