XGS-5240-Series User Manual
Table Of Contents
- Chapter 1 INTRODUCTION
- Chapter 2 INSTALLATION
- Chapter 3 witch Management
- Chapter 4 Basic Switch Configuration
- Chapter 5 File System Operations
- Chapter 6 Cluster Configuration
- Chapter 7 USB Function Configuration
- Chapter 8 Device Management
- Chapter 9 Port Configuration
- Chapter 10 Port Isolation Function Configuration
- Chapter 11 Port Loopback Detection Function Configuration
- Chapter 12 ULDP Function Configuration
- Chapter 13 LLDP Function Operation Configuration
- Chapter 14 Port Channel Configuration
- Chapter 15 MTU Configuration
- Chapter 16 bpdu-tunnel-protocol Configuration
- Chapter 17 DDM Configuration
- Chapter 18 EFM OAM Configuration
- Chapter 19 LLDP-MED
- Chapter 20 PORT SECURITY
- Chapter 21 QSFP+ Port Split and Combination Configuration
- Chapter 22 VLAN Configuration
- Chapter 23 MAC Table Configuration
- Chapter 24 MSTP Configuration
- Chapter 25 QoS Configuration
- Chapter 26 PBR Configuration
- Chapter 27 IPv6 PBR Configuration
- Chapter 28 Flow-based Redirection
- Chapter 29 Egress QoS Configuration
- Chapter 30 Flexible QinQ Configuration
- Chapter 31 Layer 3 Management Configuration
- Chapter 32 ARP Scanning Prevention Function Configuration
- Chapter 33 Prevent ARP, ND Spoofing Configuration
- Chapter 34 ARP GUARD Configuration
- Chapter 35 Gratuitous ARP Configuration
- Chapter 36 DHCP Configuration
- Chapter 37 DHCPv6 Configuration
- Chapter 38 DHCP option 82 Configuration
- Chapter 39 DHCPv6 option37, 38
- Chapter 40 DHCP Snooping Configuration
- Chapter 41 DHCP option 60 and option 43
- Chapter 42 IPv4 Multicast Protocol
- Chapter 43 IPv6 Multicast Protocol
- Chapter 44 Multicast VLAN
- Chapter 45 ACL Configuration
- Chapter 46 Self-defined ACL Configuration
- Chapter 47 802.1x Configuration
- 47.1 Introduction to 802.1x
- 47.2 802.1x Configuration Task List
- 47.3 802.1x Application Example
- 47.4 802.1x Troubleshooting
- Chapter 48 The Number Limitation Function of MAC and IP in Port, VLAN Configuration
- 48.1 Introduction to the Number Limitation Function of MAC and IP in Port, VLAN
- 48.2 The Number Limitation Function of MAC and IP in Port, VLAN Configuration Task Sequence
- 48.3 The Number Limitation Function of MAC and IP in Port, VLAN Typical Examples
- 48.4 The Number Limitation Function of MAC and IP in Port, VLAN Troubleshooting Help
- Chapter 49 Operational Configuration of AM Function
- Chapter 50 Security Feature Configuration
- 50.1 Introduction to Security Feature
- 50.2 Security Feature Configuration
- 50.2.1 Prevent IP Spoofing Function Configuration Task Sequence
- 50.2.2 Prevent TCP Unauthorized Label Attack Function Configuration Task Sequence
- 50.2.3 Anti Port Cheat Function Configuration Task Sequence
- 50.2.4 Prevent TCP Fragment Attack Function Configuration Task Sequence
- 50.2.5 Prevent ICMP Fragment Attack Function Configuration Task Sequence
- 50.3 Security Feature Example
- Chapter 51 TACACS+ Configuration
- Chapter 52 RADIUS Configuration
- Chapter 53 SSL Configuration
- Chapter 54 IPv6 Security RA Configuration
- Chapter 55 VLAN-ACL Configuration
- Chapter 56 MAB Configuration
- Chapter 57 PPPoE Intermediate Agent Configuration
- Chapter 58 SAVI Configuration
- Chapter 59 Captive Portal Authentication
- 59.1 Captive Portal Authentication Configuration
- 59.2 Accounting Function Configuration
- 59.3 Free-resource Configuration
- 59.4 Authentication White-list Configuration
- 59.5 Automatic Page Pushing after Successful Authentication (it is not supported currently)
- 59.6 http-redirect-filter
- 59.7 Portal Non-perception
- 59.8 Portal Escaping
- Chapter 60 VRRP Configuration
- Chapter 61 IPv6 VRRPv3 Configuration
- Chapter 62 MRPP Configuration
- Chapter 63 ULPP Configuration
- Chapter 64 ULSM Configuration
- Chapter 65 Mirror Configuration
- Chapter 66 RSPAN Configuration
- Chapter 67 SNTP Configuration
- Chapter 68 NTP Function Configuration
- Chapter 69 DNSv4/v6 Configuration
- Chapter 70 Summer Time Configuration
- Chapter 71 Monitor and Debug
- Chapter 72 Reload Switch after Specified Time
- Chapter 73 Debugging and Diagnosis for Packets Received and Sent by CPU
- Chapter 74 VSF
- Chapter 75 SWITCH OPERATION
- Chapter 76 TROUBLESHOOTING
- Chapter 77 APPENDIX A
- Chapter 78 GLOSSARY
Configuration Guide of XGS-5240-Series
45-8
access-list <num> {deny | permit} icmp {{<sIpAdd
r> <sMask>} | any-source | {host-source <sIpAdd
r>}} {{<dIpAddr> <dMask>} | any-destination | {ho
st-destination <dIpAddr>}} [<icmp-type> [<icmp-co
de>]] [precedence <prec>] [tos <tos>][time-range<
time-range-name>]
Creates a numbered ICMP ext
ended IP access rule; if the n
umbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.
access-list <num> {deny | permit} igmp {{<sIpAdd
r> <sMask>} | any-source | {host-source <sIpAdd
r>}} {{<dIpAddr> <dMask>} | any-destination | {ho
st-destination <dIpAddr>}} [<igmp-type>] [precede
nce <prec>] [tos <tos>][time-range<time-range-na
me>]
Creates a numbered IGMP ext
ended IP access rule; if the n
umbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.
access-list <num> {deny | permit} tcp {{<sIpAdd
r> <sMask>} | any-source | {host-source <sIpAdd
r>}} [s-port {<sPort> | range <sPortMin> <sPortMa
x>}] {{<dIpAddr> <dMask>} | any-destination | {ho
st-destination <dIpAddr>}} [d-port {<dPort> | rang
e <dPortMin> <dPortMax>}] [ack+fin+psh+rst+urg+
syn] [precedence <prec>] [tos <tos>][time-range<t
ime-range-name>]
Creates a numbered TCP exte
nded IP access rule; if the nu
mbered extended access-list o
f specified number does not e
xist, then an access-list will b
e created using this number.
access-list <num> {deny | permit} udp {{<sIpAdd
r> <sMask>} | any-source | {host-source <sIpAdd
r>}} [s-port {<sPort> | range <sPortMin> <sPortMa
x>}] {{<dIpAddr> <dMask>} | any-destination | {ho
st-destination <dIpAddr>}} [d-port {<dPort> | rang
e <dPortMin> <dPortMax>}] [precedence <prec>]
[tos <tos>][time-range<time-range-name>]
Creates a numbered UDP ext
ended IP access rule; if the n
umbered extended access-list
of specified number does not
exist, then an access-list will
be created using this number.
access-list <num> {deny | permit} {eigrp | gre | i
grp | ipinip | ip | ospf | <protocol-num>} {{<sIpA
ddr> <sMask>} | any-source | {host-source <sIpA
ddr>}} {{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [precedence <prec>]
[tos <tos>][time-range<time-range-name>]
Creates a numbered IP extend
ed IP access rule for other sp
ecific IP protocol or all IP prot
ocols; if the numbered extend
ed access-list of specified nu
mber does not exist, then an
access-list will be created usin
g this number.