GS-5220-Series (V4) User Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 Main Web Page
- 4.2 System
- 4.2.1 Management
- 4.2.1.1 System Information
- 4.2.1.2 IP Configuration
- 4.2.1.3 IP Status
- 4.2.1.4 Users Configuration
- 4.2.1.5 Privilege Levels
- 4.2.1.6 NTP Configuration
- 4.2.1.6.1 System Time Correction Manually
- 4.2.1.7 Time Configuration
- 4.2.1.8 UPnP
- 4.2.1.9 DHCP Relay
- 4.2.1.10 DHCP Relay Statistics
- 4.2.1.11 CPU Load
- 4.2.1.12 System Log
- 4.2.1.13 Detailed Log
- 4.2.1.14 Remote Syslog
- 4.2.1.15 SMTP Configuration
- 4.2.2 Simple Network Management Protocol
- 4.2.3 RMON
- 4.2.4 DHCP server
- 4.2.1 Management
- 4.3 Switching
- 4.3.1 Port Management
- 4.3.2 Link Aggregation
- 4.3.3 VLAN
- 4.3.3.1 VLAN Overview
- 4.3.3.2 IEEE 802.1Q VLAN
- 4.3.3.3 VLAN Port Configuration
- 4.3.3.4 VLAN Membership Status
- 4.3.3.5 VLAN Port Status
- 4.3.3.6 Private VLAN
- 4.3.3.7 Port Isolation
- 4.3.3.8 VLAN setting example:
- 4.3.3.8.1 Two Separate 802.1Q VLANs
- 4.3.3.8.2 VLAN Trunking between two 802.1Q aware switches
- 4.3.3.8.3 Port Isolate
- 4.3.3.9 MAC-based VLAN
- 4.3.3.10 Protocol-based VLAN
- 4.3.3.11 Protocol-based VLAN Membership
- 4.3.4 Spanning Tree Protocol
- 4.3.5 IGMP Snooping
- 4.3.6 MLD Snooping
- 4.3.7 MVR (Multicast VLAN Registration)
- 4.3.8 LLDP
- 4.3.9 MAC Address Table
- 4.3.10 Loop Protection
- 4.3.11 UDLD
- 4.3.12 GVRP
- 4.3.13 Link OAM
- 4.4 Routing
- 4.5 Quality of Service
- 4.6 Security
- 4.7 Power over Ethernet
- 4.8 Ring
- 4.9 ONVIF
- 4.10 Maintenance
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of GS-5220 PoE Series Managed Switch
345
4.6.5 Access Control Lists
ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual
users or groups permitted or denied to specific traffic objects, such as a process or a program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific traffic object
access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized for the various situation. In networking,
the ACL refers to a list of service ports or network services that are available on a host or server, each with a list of hosts or
servers permitted or denied to use the service. ACL can generally be configured to control inbound traffic, and in this context,
they are similar to firewalls.
ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID.
There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also
contains many detailed, different parameter options that are available for individual application.
4.6.5.1 Access Control List Status
This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific
ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 512 on each switch. The
Voice VLAN OUI Table screen in Figure 4-6-5-1 appears.
Figure 4-6-5-1: ACL Status Page Screenshot
The page includes the following fields:
Object Description
• User
Indicates the ACL user.
• ACE
Indicates the ACE ID on local switch.
• Frame Type
Indicates the frame type of the ACE. Possible values are:
■ Any: The ACE will match any frame type.
■ EType: The ACE will match Ethernet Type frames. Note that an
Ethernet Type based ACE will not get matched by IP and ARP
frames.
■ ARP: The ACE will match ARP/RARP frames.