User Manual
Table Of Contents
- 24-Port Gigabit Smart Managed Pro Switch with PoE+ and 2 SFP Ports Model GS724TPv2
- Contents
- 1. Get Started
- Switch Management Interface Overview
- Change the Default IP Address of the Switch
- Discover a Switch in a Network With a DHCP Server
- Discover a Switch in a Network Without a DHCP Server
- Configure the Network Settings on Your Computer
- Access the Web Browser–Based Management Interface
- About the User Interfaces
- Use a Web Browser to Access the Switch and Log In
- Web Browser–Based Management Interface Device View
- Interface Naming Conventions
- Configure Interface Settings
- Context-Sensitive Help and Access to the Support WebSite
- Register Your Product
- 2. Configure System Information
- 3. Configure Switching
- Configure Port Settings
- Configure Link Aggregation Groups
- Configure VLANs
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View the MFDB Table
- View the MFDB Statistics
- IGMP Snooping Overview
- Configure IGMP Snooping
- Configure IGMP Snooping for Interfaces
- View the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- IGMP Snooping Querier Overview
- Configure IGMP Snooping Querier
- Configure IGMP Snooping Querier for VLANs
- Display IGMP Snooping Querier for VLAN Status
- Configure a Static Multicast Group
- Remove a Static Multicast Group
- Configure Multicast Group Membership
- Configure the Multicast Forward All Option
- View and Configure the MAC Address Table
- 4. Configure Quality of Service
- 5. Manage Device Security
- Configure the Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Configure Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure an IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- 6. Monitor the System
- 7. Maintenance
- A. Configuration Examples
- B. Specifications and Default Settings
Configuration Examples
294
NETGEAR 24-Port Gigabit Smart Managed Pro Switch with PoE+ and 2 SFP Ports Model GS724TPv2
untagged packet as it leaves port 6. For port 5, the outgoing packet leaves as a
tagged packet with VLAN ID 20.
Access Control Lists (ACLs)
ACLs ensure that only authorized users can access specific resources while blocking off any
unwarranted attempts to reach network resources.
ACLs are used to provide traffic flow control, restrict contents of routing updates, decide
which types of traffic are forwarded or blocked, and provide security for the network. ACLs
are normally used in firewall routers that are positioned between the internal network and an
external network, such as the Internet. They can also be used on a router positioned between
two parts of the network to control the traffic entering or exiting a specific part of the internal
network. The added packet processing required by the ACL feature does not affect switch
performance. That is, ACL processing occurs at wire speed.
Access lists are sequential collections of permit and deny conditions. This collection of
conditions, known as the filtering criteria, is applied to each packet that is processed by the
switch or the router. The forwarding or dropping of a packet is based on whether or not the
packet matches the specified criteria.
Traffic filtering requires the following two basic steps:
1. Create an access list definition.
The access list definition includes rules that specify whether traffic matching the criteria is
forwarded normally or discarded. Additionally, you can assign traffic that matches the
criteria to a particular queue or redirect the traffic to a particular port. A default deny all
rule is the last rule of every list.
2. Apply the access list to an interface in the inbound direction.
The switch allow ACLs to be bound to physical ports and LAGs. The switch supports MAC
ACLs and IP ACLs.
MAC ACL Sample Configuration
The following example shows how to create a MAC-based ACL that permits Ethernet traffic
from the Sales department on specified ports and denies all other traffic on those ports.
1. On the MAC ACL page, create an ACL with the name Sales_ACL for the Sales
department of your network (see Configure a MAC ACL on page 225).
By default, this ACL is bound on the inbound direction, which means that the switch
examines traffic as it enters the port.
2. On the MAC Rules page, create a rule for the Sales_ACL with the following settings:
• Sequence Number. 1
• Action. Permit
• Assign Queue ID. 0