TP-Link TL-SG2210MP User Manual

Loading ...

User Guide 824

Configuring ACL ACL Configuration

protocol:

Specify a protocol number between 0 and 255.

s-port-number:

With TCP or UDP configured as the protocol, specify the source port number.

s-port-mask:

With TCP or UDP configured as the protocol, specify the source port mask with 4

hexadacimal numbers.

d-port-number:

With TCP or UDP configured as the protocol, specify the destination port

number.

d-port-mask:

With TCP or UDP configured as the protocol, specify the destination port mask

with 4 hexadacimal numbers.

tcpflag:

With TCP configured as the protocol, specify the flag value using either binary

numbers or * (for example, 01*010*). The default is *, which indicates that the flag will not be

matched.

The flags are URG (Urgent flag), ACK (Acknowledge Flag), PSH (Push Flag), RST (Reset Flag),

SYN (Synchronize Flag), and FIN (Finish Flag).

time-range-name

: The name of the time-range. The default is No Limit.

Step 4 end

Return to privileged EXEC mode.

Step 5 copy running-config startup-config

Save the settings in the configuration file.

The following example shows how to create Combined ACL 1100 and configure Rule 1 to

deny packets with source IP address 192.168.3.100 in VLAN 2:

Switch#configure

Switch(config)#access-list create 1100

Switch(config)#access-list combined 1100 logging disable rule 1 permit vid 2 sip

192.168.3.100 sip-mask 255.255.255.255

Switch(config)#show access-list 2600

Combined access list 2600 name: ACL_2600

rule 1 permit logging disable vid 2 sip 192.168.3.100 sip-mask 255.255.255.255

Switch(config)#end

Switch#copy running-config startup-config

IPv6 ACL

Follow these steps to configure IPv6 ACL:

Step 1 configure

Enter global configuration mode

Loading ...

TP-Link TL-SG2210MP TL-SG3210XHP-M2 | Jetstream 8 Port Multi-Gigabit L2+ Managed PoE Switch | 8 PoE+ Port @240W, 2 x 10G SFP+ Slots | 2.5G Bandwidth | Omada SDN Integrated | IPv6 | Limited Lifetime Protection