1. Home
  2. TP-Link
  3. TP-Link TL-SG2428P User Manual
  4. Page 854

TP-Link TL-SG2428P | Jetstream 24 Port Gigabit Smart Managed PoE Switch | 24 PoE+ Ports @250W, 4 SFP Slots | Omada SDN Integrated | PoE Recovery | IPv6 | Static Routing | Limited Lifetime Protection

User Manual - Page 854

For TL-SG2428P.

PDF File Manual, 1146 pages, Download pdf file

Loading ...
Loading ...
Loading ...
Configuring ACL ACL Configuration
User Guide 825
Step 2 access-list create
acl-id
[name
acl-name
]
Create an IPv6 ACL.
acl-id:
Enter an ACL ID. The ID ranges from 1500 to 1999.
acl-name:
Enter a name to identify the ACL.
Step 3 access-list ipv6
acl-id-or-name
rule {auto |
rule-id
} {deny | permit} logging {enable | disable}
[class
class-value
] [flow-label
flow-label-value
] [sip
source-ip-address
sip-mask
source-
ip-mask
] [dip
destination-ip-address
dip-mask
destination-ip-mask
] [s-port
source-port-
number
] [d-port
destination-port-number
] [tseg
time-range-name
]
Add rules to the ACL.
acl-id-or-name
: Enter the ID or name of the ACL that you want to add a rule for.
auto:
The rule ID will be assigned automatically and the interval between rule IDs is 5.
rule-id
: Assign an ID to the rule.
deny | permit: Specify the action to be taken with the packets that match the rule. Deny means
to discard; permit means to forward. By default, it is set to permit.
logging {enable | disable}: Enable or disable Logging function for the ACL rule. If "enable" is
selected, the times that the rule is matched will be logged every 5 minutes. With ACL Counter
trap enabled, a related trap will be generated if the matching times changes.
class-value
: Specify a class value to be matched. It ranges from 0 to 63.
flow-label-value
: Specify a Flow Label value to be matched.
source-ip-address:
Enter the source IP address. Enter the destination IPv6 address to be
matched. All types of IPv6 address will be checked. You may enter a complete 128-bit IPv6
address but only the first 64 bits will be valid.
source-ip-mask:
Enter the source IP address mask. The mask is required if the source IPv6
address is entered. Enter the mask in complete format (for example, ffff:ffff:0000:ffff). The
mask specifies which bits in the source IPv6 address to match the rule.
destination-ip-address
: Enter the destination IPv6 address to be matched. All types of IPv6
address will be checked. You may enter a complete 128-bit IPv6 addresses but only the first
64 bits will be valid.
destination-ip-mask:
Enter the source IP address mask. The mask is required if the source
IPv6 address is entered. Enter the mask in complete format (for example, ffff:ffff:0000:ffff). The
mask specifies which bits in the source IPv6 address to match the rule.
source-port-number
: Enter the TCP/UDP source port if TCP/UDP protocol is selected.
destination-port-number
: Enter the TCP/UDP destination port if TCP/UDP protocol is selected.
time-range-name
: The name of the time-range. The default is No Limit.
Step 4 end
Return to privileged EXEC mode.
Step 5 copy running-config startup-config
Save the settings in the configuration file.
Loading ...
Loading ...
Loading ...