beautypg.com

NETGEAR AV Line M4250 GSM4210PX 8-Port Gigabit PoE+ Compliant Managed AV Switch with SFP (220W) User Manual

Page 686

background image

Each of these values translates into its equivalent port number, which is used as
both the start and end of the port range.
Select Other from the menu to enter a port number. If you select Other from the
menu but leave the field blank, it means any.
The only relevant matching condition for L4 port numbers is equal. This means
that an IPv6 ACL rule matches only if the Layer 4 destination port number is equal
to the specified port number or port protocol.

• ICMPv6: The Type and Message fields are enabled only if the protocol is ICMPv6.

Use these fields to specify a match condition for ICMPv6 packets. Select either
the Type or Message radio button:

If you select the Type radio button, note the following:

-

The Type and Code fields are enabled only if the protocol is ICMPv6. Use
these fields to specify a match condition for ICMPv6 packets:

-

If you specify information in the Type field, the IPv6 ACL rule matches the
specified ICMPv6 message type. The type number can be from 0 to 255.

-

If you specify information in the Code field, the IPv6 ACL rule matches the
specified ICMPv6 message code. The code can be from 0 to 255.

-

If these fields are left empty, it means any.

If you select the Message radio button, note the following:

-

Select the type of the ICMPv6 message to match with the selected IPv6
ACL rule. Specifying a type of message implies that both the ICMPv6 type
and ICMPv6 code are specified. The ICMPv6 message is decoded into the
corresponding ICMPv6 type and ICMPv6 code within the ICMP type.

-

The ISMPv6 message types are destination-unreachable, echo-reply,
echo-request, header, hop-limit, MLD-query, MLD-reduction,
MLD-report, next-header, no-admin, no-route, packet-too-big,
port-unreachable, router-solicitation, router-advertisement,
router-renumbering, unreachable, time-exceeded, nd-na, and nd-ns.

• Fragments: Either select the Enable radio button to allow initial fragments (that

is, the fragment bit is asserted) or leave the default Disable radio button selected
to prevent initial fragments from being used.
This option is not valid for rules that match L4 information such as TCP port number,
because that information is carried in the initial packet.

• Flow Label: The Flow Label field is enabled only if the selection from the Protocol

Type menu is ICMPv6. The flow label is 20-bit number that is unique to an IPv6
packet and that is used by end stations to signify quality-of-service handling in
routers. The range for the flow label is from 0 to 1048575.

Main User Manual

686

Manage Switch Security

AV Line of Fully Managed Switches M4250 Series Main User Manual