User Manual
Table Of Contents
- S350 Series 8-Port Gigabit Ethernet Smart Switch
- Contents
- 1 Get Started
- Available Publications
- Switch Management and Discovery Overview
- Options to Change the Default IP Address of the Switch
- Discover or Change the Switch IP Address
- About the User Interfaces
- Access the Local Browser Interface
- Change the Language of the Local Browser Interface
- Use the Device View of the Local Browser Interface
- Interface Naming Conventions
- Configure Interface Settings
- Context-Sensitive Help and Access to the Support WebSite
- Access the User Guide Online
- Register Your Product
- 2 Configure System Information
- 3 Configure Switching
- Configure the Port Settings and Maximum Frame Size
- Configure Link Aggregation Groups
- Configure VLANs
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View and Search the MFDB Table
- View the MFDB Statistics
- Configure the Auto-Video Multicast Settings
- About IGMP Snooping
- Configure IGMP Snooping
- Configure IGMP Snooping for Interfaces
- View, Search, or Clear the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- Disable IGMP Snooping on a VLAN
- Configure a Multicast Router Interface
- Configure a Multicast Router VLAN
- IGMP Snooping Querier Overview
- Configure an IGMP Snooping Querier
- Configure an IGMP Snooping Querier for VLANs
- Display IGMP Snooping Querier for VLAN Status
- View, Search, and Manage the MAC Address Table
- Configure Layer 2 Loop Protection
- 4 Configure Quality of Service
- 5 Manage Device Security
- Configure the Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Set Up Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure a Basic or Extended IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- Configure VLAN ACL Bindings
- 6 Monitor the System
- 7 Maintenance
- A Configuration Examples
- B Specifications and Default Settings
S350 Series 8-Port Gigabit Ethernet Smart Switch Models GS308T and GS310TP
Manage Device Security User Manual266
Configure a Basic or Extended IP ACL
An IP ACL consists of a set of rules that are matched sequentially against a packet. When a
packet meets the match criteria of a rule, the specified rule action (Permit or Deny) is taken,
and the additional rules are not checked for a match. You must specify the interfaces to
which an IP ACL applies, as well as whether it applies to inbound or outbound traffic.
Multiple steps are involved in defining an IP ACL and applying it to the switch:
1. Add an IP
ACL ID (see Add an IP ACL on page 266).
The differences between a basic IP ACL and an extended IP ACL are as follows:
• Numbered ACL from 1 to 99. Creates a basic IP
ACL, which allows you to permit or
deny traffic from a source IP address.
• Numbered ACL from 100 to 199. Creates an extended IP
ACL, which allows you to
permit or deny specific types of Layer 3 or Layer 4 traffic from a source IP address to
a destination IP address. This type of ACL provides more granularity and filtering
capabilities than the basic IP ACL.
• Named IP ACL. Create an extended IP
ACL with a name string that is up to 31
alphanumeric characters in length. The name must start with an alphabetic character.
2. Create an IP rule (see
Configure Rules for a Basic IP ACL on page 269 or Configure
Rules for an Extended IP ACL on page 273).
3. Associate the IP
ACL with one or more interfaces (see Configure IP ACL Interface
Bindings on page 280).
You can view or delete IP ACL configurations in the IP ACL Binding table (see
View or
Delete IP ACL Bindings in the IP ACL Binding Table on page 282.
Add an IP ACL
To add an IP ACL:
1. Connect your computer to the same network as the switch.
You can use a WiFi or wired connection to connect your computer to the network, or
connect directly to a switch that is of
f-network using an Ethernet cable.
2. Launch a web browser.
3. In the address field of your web browser
, enter the IP address of the switch.
If you do not know the IP address of the switch, see
Discover or Change the Switch IP
Address on page 12.
ACL ID The ACL name identifying the ACL assigned to the selected interface and direction.
Sequence Number The sequence number signifying the order of the specified ACL relative to other ACLs
assigned to the selected interface and direction.
Table 55. MAC Binding Table (continued)
Field Description