Netgear GS724TS-100NAS User Manual Page 187

  • Download
  • Add to my manuals
  • Print
  • Page
    / 275
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 186
Chapter 5: Managing Device Security | 187
GS716Tv2 and GS724Tv3 Software Administration Manual
Deny: Drops packets that meet the ACL criteria.
Assign Queue. Specifies the hardware egress queue identifier used to handle all
packets matching this ACL rule. Enter an identifying number from 0–3 in this field.
Redirect Interface. Specifies the specific egress interface where the matching traffic
stream is forced, bypassing any forwarding decision normally performed by the
device.
Match Every. Requires a packet to match the criteria of this ACL. Select True or
False from the drop-down menu. Match Every is exclusive to the other filtering rules,
so if Match Every is True, the other rules on the screen are not available.
CoS. Requires a packet’s class of service (CoS) to match the CoS value listed here.
Enter a CoS value between 0–7 to apply this criteria.
Secondary CoS. Requires a packet’s secondary 802.1p priority value, which is the
dot1p value in the secondary (i.e. inner) tag of a double-tagged packet, to match the
value specified in this field.
CPU Notification Mode. This field is configurable only when the action is denied.
Enable. The switch to turn off PoE power to the port if the user is rejected by ACL.
When the rule is hit and the PoE component receives this notification, the PoE
component turns off PoE power for the port. To turn on the port power, you must
manually enable the PoE port Admin Mode.
Disable: When a packet matches the ACL rule, the CPU is not notified, and the
port continues to provide power.
Destination MAC. Requires an Ethernet frame’s destination port MAC address to
match the address listed here. Enter a MAC address in this field. The valid format is
xx:xx:xx:xx:xx:xx.
Destination MAC Mask. If desired, enter the MAC Mask associated with the
Destination MAC to match. The MAC address mask specifies which bits in the
destination MAC to compare against an Ethernet frame. Use Fs and zeros in the MAC
mask, which is in a wildcard format. An F means that the bit is not checked, and a
zero in a bit position means that the data must equal the value given for that bit. For
example, if the MAC address is aa:bb:cc:dd:ee:ff, and the mask is 00:00:ff:ff:ff:ff, all
MAC addresses with aa:bb:xx:xx:xx:xx result in a match (where x is any hexadecimal
number). A MAC mask of 00:00:00:00:00:00 matches a single MAC address.
EtherType Key. Requires a packet’s EtherType to match the EtherType you select.
Select the EtherType value from the drop down menu. If you select User Value, you
can enter a custom EtherType value.
EtherType User Value. This field is configurable if you select User Value from the
EtherType drop down menu. The value you enter specifies a customized Ethertype to
compare against an Ethernet frame. The valid range of values is 0x0600–0xFFFF.
Source MAC. Requires a packet’s source port MAC address to match the address
listed here. Enter a MAC address in the this field. The valid format is
xx:xx:xx:xx:xx:xx.
Source MAC Mask. If desired, enter the MAC mask for the source MAC address to
match. Use Fs and zeros in the MAC mask, which is in a wildcard format. An F means
that the bit is not checked, and a zero in a bit position means that the data must equal
Page view 186
1 2 ... 182 183 184 185 186 187 188 189 190 191 192 ... 274 275

Comments to this Manuals

No comments