Fortinet 548B User Manual
Page 897
- 897 -
optional configuration. Enter an integer from 0 to 63. The IP DSCP is selected by possibly
selection one of the DSCP keyword from a dropdown box. If a value is to be selected by
specifying its numeric value, then select the 'Other' option in the dropdown box and a text
box will appear where the numeric value of the DSCP can be entered.
IP Precedence Configuration The IP Precedence field in a packet is defined as the
high-order three bits of the Service Type octet in the IP header. This is an optional
configuration. Enter an integer from 0 to 7.
IP TOS Configuration The IP TOS field in a packet is defined as all eight bits of the Service
Type octet in the IP header. The TOS Bits value is a hexadecimal number from 00 to FF. The
TOS Mask value is a hexadecimal number from 00 to FF. The TOS Mask denotes the bit
positions in the TOS Bits value that are used for comparison against the IP TOS field in a
packet. For example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear,
where bit 7 is most significant, use a TOS Bits value of 0xA0 and a TOS Mask of 0xFF. This
is an optional configuration.
Command Buttons
Configure - Configure the corresponding match criteria for the selected rule.
Delete - Remove the currently selected Rule from the selected ACL. These changes will not be
retained across a power cycle unless a save configuration is performed.
11.7.1.4 Configuring IPv6 Access Control List Configuration Page
An IPv6 ACL consists of a set of rules which are matched sequentially against a packet. When a packet
meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional
rules are not checked for a match. On this menu the interfaces to which an IPv6 ACL applies must be
specified, as well as whether it applies to inbound or outbound traffic. Rules for the IPv6 ACL are
specified/created using the IPv6 ACL Rule Configuration menu.
Selection Criteria
IPv6 ACL - A new IPv6 ACL may be created or the configuration of an existing IPv6 ACL can be
updated by selecting right option from the pull down menu.
Configurable Data
IPv6 ACL Name - Specifies IPv6 ACL Name string which includes alphanumeric characters only.
The name must start with an alphabetic character. This field displays the name of the currently
selected IPv6 ACL if the ACL has already been created.
Non-Configurable Data
Table - Displays the current and maximum number of ACLs.