beautypg.com

3Com 2924-PWR User Manual

Page 76

background image

76

C

HAPTER

4: M

ANAGING

D

EVICE

S

ECURITY

wildcard mask matches all IP addresses in the range 149.36.184.0
to 149.36.184.255. A wildcard mask must not contain leading
zeroes. For example, a wildcard mask of 010.010.011.010 is
invalid, but a wildcard mask of 10.10.11.10 is valid.

Match DSCP — Matches the packet DSCP value to the ACL. Either
the DSCP value or the IP Precedence value is used to match packets to
ACLs.

Match IP Precedence — Matches the packet IP Precedence value to
the rule. Either the DSCP value or the IP Precedence value is used to
match packets to ACLs.

Action — Defines the ACL forwarding action. In addition, the port
can be shut down, a trap can be sent to the network administrator, or
packet is assigned rate limiting restrictions for forwarding. The options
are as follows:

Permit — Forwards packets which meet the ACL criteria.

Deny — Drops packets which meet the ACL criteria.

Shutdown — Drops packet that meets the ACL criteria, and
disables the port to which the packet was addressed. Ports are
reactivated from the Port Administration Setup Page.

To create a new IP-based ACL:

1 Select Create ACL.

2 Enter the name of the new ACL.

3 Click

. The new ACL is created, and the device is updated.

To define a new IP-based ACL rule:

1 Select Selection ACL.

2 Select the ACL from the list.

3 Define the fields for the new ACL rule.

4 Click

. The new IP-based ACL rule settings are configured,

and the device is updated.

See also other documents in the category 3Com Computer Accessories: