Access control list status – Interlogix GE-DSSG-244-POE User Manual User Manual

IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual

162

ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID.
There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains
many detailed, different parameter options that are available for individual application.

Access Control List Status

This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE
is not applied to the hardware due to hardware limitations. The Voice VLAN OUI Table screen is shown

Figure 4-9-15

.

Figure 4-10-1

ACL Status page screenshot

The page includes the following fields:

Object

Description

• User

Indicates the ACL user.

• Ingress Port

Indicates the ingress port of the ACE. Possible values are:
Any

: The ACE will match any ingress port.

Policy

: The ACE will match ingress ports with a specific policy.

Port

: The ACE will match a specific ingress port.

• Frame Type

Indicates the frame type of the ACE. Possible values are:
Any

: The ACE will match any frame type.

EType

: The ACE will match Ethernet Type frames. Note that an Ethernet Type

based ACE will not get matched by IP and ARP frames.
ARP

: The ACE will match ARP/RARP frames.

IPv4

: The ACE will match all IPv4 frames.

IPv4/ICMP

: The ACE will match IPv4 frames with ICMP protocol.

IPv4/UDP

: The ACE will match IPv4 frames with UDP protocol.

IPv4/TCP

: The ACE will match IPv4 frames with TCP protocol.

IPv4/Other

: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.

• Action

Indicates the forwarding action of the ACE.
Permit

: Frames matching the ACE may be forwarded and learned.

Deny

: Frames matching the ACE are dropped.

• Rate Limiter

Indicates the rate limiter number of the ACE. The allowed range is 1 to 15. When
Disabled is displayed, the rate limiter operation is disabled.

• Port Copy

Indicates the port copy operation of the ACE. Frames matching the ACE are
copied to the port number. The allowed values are Disabled or a specific port
number. When Disabled is displayed, the port copy operation is disabled.

• CPU

Forward packet that matched the specific ACE to CPU.

• CPU Once

Forward first packet that matched the specific ACE to CPU.

• Counter

The counter indicates the number of times the ACE was hit by a frame.

• Conflict

Indicates the hardware status of the specific ACE. The specific ACE is not
applied to the hardware due to hardware limitations.

Buttons

:

Select the ACL status from this drop down list.

Auto-refresh

: Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals.

: Click to refresh the page; any changes made locally will be undone.