3 acl configuration, 1 acl configuration task sequence – Amer Networks SS2R48G4i V2 User Manual
Page 140
SS2R24G4i/SS2R48G4i
129
rules, from the first rule to the first matched rule; the rest of the rules will not be processed.
z
Global default action applies only to IP packets in the incoming direction on the ports. For non-
incoming IP packets and all outgoing packets, the default forward action is “permit”.
z
Global default action applies only when packet flirter is enabled on a port and no ACL is bound to
that port, or no binding ACL matches.
z
When an access-list is bound to the outgoing direction of a port, the action in the rule can only be
“deny”.
15.3 ACL Configuration
15.3.1 ACL Configuration Task Sequence
1. Configuring
access-list
(
1) Configuring a numbered standard IP access-list
(
2) Configuring a numbered extended IP access-list
(
3) Configuring a standard IP access-list based on nomenclature
a) Create a standard IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(
4) Configuring an extended IP access-list based on nomenclature.
a) Create an extensive IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(
5) Configuring a numbered standard MAC access-list
(
6) Configuring a numbered extended MAC access-list
(
7) Configuring a standard MAC access-list based on nomenclature
a) Create a standard IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(
8) Configuring a numbered extended MAC-IP access-list
(
9) Configuring a standard MAC-IP access-list based on nomenclature
a) Create a standard MAC-IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit MAC-IP Configuration Mode
2. Configuring the packet filtering function
(1) Enable global packet filtering function
(2) Configure default action.
3. Configuring time range function