Mac acl sample configuration – NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual

The access list definition includes rules that specify whether traffic matching the
criteria is forwarded normally or discarded. Additionally, you can assign traffic that
matches the criteria to a particular queue or redirect the traffic to a particular port.
A default

deny all

rule is the last rule of every list.

2. Apply the access list to an interface in the inbound direction.

The switch allow ACLs to be bound to physical ports and LAGs. The switch supports
MAC ACLs and IP ACLs.

MAC ACL sample configuration

The following example shows how to create a MAC-based ACL that permits Ethernet
traffic from the Sales department on specified ports and denies all other traffic on those
ports.

1. On the MAC ACL page, create an ACL with the name Sales_ACL for the Sales

department of your network (see Configure a MAC ACL on page 794).

By default, this ACL is bound on the inbound direction, which means that the switch
examines traffic as it enters the port.

2. On the MAC Rules page, create a rule for the Sales_ACL with the following settings:

•

Sequence Number: 1

•

Action: Permit

•

Assign Queue ID: 0

•

Match Every: False

•

CoS: 0

•

Destination MAC: 01:02:1A:BC:DE:EF

•

Destination MAC Mask: 00:00:00:00:FF:FF

•

EtherType: User Value

•

Source MAC: 02:02:1A:BC:DE:EF

•

Source MAC Mask: 00:00:00:00:FF:FF

•

VLAN ID: 2

For more information about MAC ACL rules, see Configure MAC ACL rules on page
797.

3. On the MAC Binding Configuration page, assign the Sales_ACL to 6, 7, and 8, and

then click the Apply button. (See Configure MAC bindings on page 801.)

Main User Manual

913

Configuration Examples

Fully Managed Switches M4350 Series Main User Manual