beautypg.com

Fortinet MR1 User Manual

Page 597

background image

597

Configurable Data

Rule - Enter a whole number in the range of (1 to 8) that will be used to identify the rule.

Action - Specify what action should be taken if a packet matches the rule's criteria. The choices are
permit or deny.

Assign Queue ID - Specifies the hardware egress queue identifier used to handle all packets matching
this ACL rule. Valid range of Queue Ids is (0 to 6).

Redirect Interface - Specifies the specific egress interface where the matching traffic stream is forced,
bypassing any forwarding decision normally performed by the device.

CoS - Specifies the 802.1p user priority to compare against an Ethernet frame. Valid range of values is
(0 to 7).

Destination MAC - Specifies the destination MAC address to compare against an Ethernet frame.
Valid format is (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC
address of 01:80:C2:xx:xx:xx.

Ethertype Key - Specifies the Ethertype value to compare against an Ethernet frame.
Valid values are

ƒ

Appletalk

ƒ

ARP

ƒ

IBM SNA

ƒ

IPv4

ƒ

IPv6

ƒ

IPX

ƒ

MPLS multicast

ƒ

MPLS unicast

ƒ

NetBIOS

ƒ

Novell

ƒ

PPPoE

ƒ

Reverse ARP

ƒ

User Value

Ethertype User Value - Specifies the user defined customised Ethertype value to be used when the
user has selected "User Value" as Ethertype Key, to compare against an Ethernet frame. Valid range of
values is (0x0600 to 0xFFFF).

Source MAC - Specifies the Source MAC address to compare against an Ethernet frame. Valid format
is (xx:xx:xx:xx:xx:xx).

VLAN - Specifies the VLAN ID to compare against an Ethernet frame. Valid range of values is (1 to
3965). Either VLAN Range or VLAN can be configured.

Match Every - Specifies an indication to match every Layer 2 MAC packet.
Valid values are

ƒ

True - Signifies that every packet is considered to match the selected ACL Rule.

ƒ

False - Signifies that it is not mandatory for every packet to match the selected ACL Rule.