Access Control
IPv4-based ACLs
Cisco Small Business 300 Series Managed Switch Administration Guide 402
21
Adding Rules (ACEs) to an IPv4-Based ACL
To add rules (ACEs) to an IPv4-based ACL:
STEP 1 Click Access Control > IPv4-Based ACE.
STEP 2 Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are
displayed.
STEP 3 Click Add.
STEP 4 Enter the parameters.
• ACL Name—Displays the name of the ACL.
• Priority—Enter the priority. ACEs with higher priority are processed first.
• Action—Select the action assigned to the packet matching the ACE. The
options are as follows:
-
Permit
—Forward packets that meet the ACE criteria.
-
Deny
—Drop packets that meet the ACE criteria.
-
Shutdown
—Drop packet that meets the ACE criteria and disable the port
to which the packet was addressed. Ports are reactivated from the Port
Management page.
• Time Range—Select to enable limiting the use of the ACL to a specific time
range.
• Time Range Name—If Time Range is selected, select the time range to be
used. Time ranges are defined in the Time Range section.
• Protocol—Select to create an ACE based on a specific protocol or protocol
ID. Select Any (IPv4) to accept all IP protocols. Otherwise select one of the
following protocols from the drop-down list:
-
ICMP
—Internet Control Message Protocol
-
IGMP
—Internet Group Management Protocol
-
IP in IP
—IP in IP encapsulation
-
TCP
—Transmission Control Protocol
-
EGP
—Exterior Gateway Protocol
-
IGP
—Interior Gateway Protocol
