Mac acl sample configuration – NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual
Page 913
The access list definition includes rules that specify whether traffic matching the
criteria is forwarded normally or discarded. Additionally, you can assign traffic that
matches the criteria to a particular queue or redirect the traffic to a particular port.
A default deny all rule is the last rule of every list.
2. Apply the access list to an interface in the inbound direction.
The switch allows ACLs to be bound to physical ports and LAGs. The switch supports
MAC ACLs and IP ACLs.
MAC ACL sample configuration
The following example shows how to create a MAC-based ACL that permits Ethernet
traffic from the Sales department on specified ports and denies all other traffic on those
ports.
1. On the MAC ACL page, create an ACL with the name Sales_ACL for the Sales
department of your network (see Configure a MAC ACL on page 794).
By default, this ACL is bound on the inbound direction, which means that the switch
examines traffic as it enters the port.
2. On the MAC Rules page, create a rule for the Sales_ACL with the following settings:
• Sequence Number: 1
• Action: Permit
• Assign Queue ID: 0
• Match Every: False
• CoS: 0
• Destination MAC: 01:02:1A:BC:DE:EF
• Destination MAC Mask: 00:00:00:00:FF:FF
• EtherType: User Value
• Source MAC: 02:02:1A:BC:DE:EF
• Source MAC Mask: 00:00:00:00:FF:FF
• VLAN ID: 2
For more information about MAC ACL rules, see Configure MAC ACL rules on page
797.
3. On the MAC Binding Configuration page, assign the Sales_ACL to ports 6, 7, and 8,
and then click the Apply button. (See Configure MAC bindings on page 801.)
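The rule from step 2, modelled as an added Python example (not NETGEAR code and not part of the manual): it evaluates constructed frames against Sales_ACL followed by the default deny all rule. It assumes the MAC masks are wildcard-style (an F means the bits are not checked) and leaves out EtherType because the page gives no value for it; `mac_to_int`, `mac_matches`, and `evaluate` are hypothetical helper names.

```python
# Added example: how the Sales_ACL rule would classify inbound frames.
# Assumption: masks are wildcard-style (a 1 bit means "do not check this bit").
# EtherType is not modelled because the page gives no value for "User Value".

def mac_to_int(mac: str) -> int:
    """Convert aa:bb:cc:dd:ee:ff to a 48-bit integer."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC address: {mac!r}")
    return int.from_bytes(bytes(int(p, 16) for p in parts), "big")

def mac_matches(addr: str, pattern: str, wildcard: str) -> bool:
    """True when addr equals pattern on every bit the wildcard mask checks."""
    care = ~mac_to_int(wildcard) & 0xFFFFFFFFFFFF
    return (mac_to_int(addr) & care) == (mac_to_int(pattern) & care)

SALES_ACL = [  # rules in sequence order; values taken from step 2
    {"seq": 1, "action": "permit", "queue": 0,
     "src": ("02:02:1A:BC:DE:EF", "00:00:00:00:FF:FF"),
     "dst": ("01:02:1A:BC:DE:EF", "00:00:00:00:FF:FF"),
     "vlan": 2, "cos": 0},
]

def evaluate(acl, frame):
    """Return (action, matched sequence); first match wins, else deny all."""
    for rule in sorted(acl, key=lambda r: r["seq"]):
        if (mac_matches(frame["src"], *rule["src"])
                and mac_matches(frame["dst"], *rule["dst"])
                and frame["vlan"] == rule["vlan"]
                and frame["cos"] == rule["cos"]):
            return rule["action"], rule["seq"]
    return "deny", None  # the default deny all rule that ends every list

# Constructed sample frames, as seen inbound on a port bound to Sales_ACL.
FRAMES = {
    "last two octets differ": {"src": "02:02:1A:BC:00:01",
                               "dst": "01:02:1A:BC:12:34", "vlan": 2, "cos": 0},
    "fourth octet differs":   {"src": "02:02:1A:BD:DE:EF",
                               "dst": "01:02:1A:BC:DE:EF", "vlan": 2, "cos": 0},
    "wrong VLAN":             {"src": "02:02:1A:BC:DE:EF",
                               "dst": "01:02:1A:BC:DE:EF", "vlan": 3, "cos": 0},
    "wrong CoS":              {"src": "02:02:1A:BC:DE:EF",
                               "dst": "01:02:1A:BC:DE:EF", "vlan": 2, "cos": 5},
}

if __name__ == "__main__":
    for name, frame in FRAMES.items():
        print(f"{name:24} -> {evaluate(SALES_ACL, frame)}")
```

Under the wildcard assumption, the masks leave the last two octets unchecked, so the permit rule covers 65,536 source and destination addresses rather than a single pair of hosts.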