beautypg.com

NETGEAR MS510TXPP 8 Port Gigabit PoE Managed Switch User Manual

Page 280

background image

Smart Managed Pro Switches MS510TX and MS510TXPP

Manage Device Security

User Manual

280

8.

Configure the following match criteria for the rule:

Rule ID

. Enter a whole number in the range of 1 to 50 that is used to identify the rule.

An extended IP ACL can contain up to 50 rules.

Action

. Select the ACL forwarding action, which is one of the following:

-

Permit

. Forward packets that meet the ACL criteria.

-

Deny

. Drop packets that meet the ACL criteria.

Logging

. If the selection form the

Action

menu is

Deny

, you can enable logging for

the ACL by selecting the

Enable

radio button. (Logging is subject to resource

availability in the device.)

If the access list trap flag is also enabled, periodic traps are generated, indicating the
number of times this rule was evoked during the report interval. A fixed five-minute
report interval is used for the switch. A trap is not issued if the ACL rule hit count is
zero for the current interval.

Match Every

. From the

Match Every

menu, select whether all packets must match

the selected IP ACL rule:

-

False

. Not all packets need to match the selected IP ACL rule. You can configure

other match criteria on the page.

-

True

. All packets must match the selected IP ACL rule and are either permitted or

denied. In this case, you cannot configure other match criteria on the page.

Protocol Type

.

From the menu, select a protocol that a packet’s IP protocol must be

matched against:

IP

,

ICMP

,

IGMP

,

TCP

,

UDP

, or

Other

. If you select

Other

, enter a

protocol number from 0 to 255.

Source IP Address

. In the

Source IP Address

field, enter a source IP address,

using dotted-decimal notation, to be compared to a packet’s source IP address as a
match criterion for the selected IP ACL rule.