beautypg.com

2 configuring an acl, 1 adding a new acl, 2 configuring an acl -20 – Motorola Series Switch WS5100 User Manual

Page 244: Configuring an acl

background image

6-20 WS5100 Series Switch System Reference Guide

6.5.2 Configuring an ACL

Configure an ACL to enforce privilege separation and determine appropriate switch access permissions for
groups and users.

To configure an ACL:

1. Select

Security

>

ACLs

from the main tree menu.

2. Click the

Configuration

tab.

3. The Configuration tab consists of the following two fields:

• ACLs - existing access lists

• Associated Rules - allow/deny rules

The

ACLs

field displays the list of ACLs currently associated with the switch. An ACL contains an ordered

list of ACEs. Each ACE specifies a permit or deny designation and a set of conditions the packet must
satisfy in order to match the ACE. Because the switch stops testing conditions after the first match, the
order of conditions in the list is critical.

4. If an existing ACL no longer satisfies switch access control requirements, select it from amongst the

existing ACLs and click the

Delete

button.

5. Use the

Add

button (within the ACLs field) to add an additional ACL. For more information, see Adding a

New ACL on page 6-20.

6. Refer to the

Associated Rules

field to assess the rules and precedence associated with each ACL. If

necessary, rules and can be added or existing rules modified. For more information, see Adding a New
ACL Rule on page 6-21
.

6.5.2.1 Adding a New ACL

When a packet is received by the switch, the switch compares the packet against the ACL to verify t the
packet has the required permissions to be forwarded. Often, ACLs need to be added as client permissions
change during switch operation.