Table of Contents
Advertisement
Access Control
Configuring IPv4-based ACLs
STEP 5
Configuring IPv4-based ACLs
Cisco 220 Series Smart Plus Switches Administration Guide Release 1.0.0.x
indicates to mask that value. For example, the value: "FFFFFF000000"
indicates that only the first three bytes of the destination MAC address
are used.
Given a mask of 0000 0000 0000 0000 0000 0000 1111 1111 (which
NOTE
means that you match on the bits where there is 0 and don't match on the bits
where there are 1's). You need to translate the 1's to a decimal integer and
you write 0 for each four zeros. In this example since 1111 1111 = 255, the
mask would be written: as 0.0.0.255.
•
Source MAC Address—Select Any if all source address are acceptable, or
select User Defined to enter a source address or a range of source
addresses.
-
Source MAC Address Value
source MAC address will be matched and its mask (if relevant).
Source MAC Wildcard Mask
-
addresses.
•
VLAN ID—Enter the VLAN ID section of the VLAN tag to match.
•
802.1p—Check Include to use 802. 1 p.
-
802. 1 p Value
802. 1 p Mask
-
•
Ethertype—Enter the frame Ethertype to be matched.
Click Apply. The MAC-based ACE is defined, and the Running Configuration is
updated.
IPv4-based ACLs are used to check IPv4 packets, while other types of frames,
such as ARPs, are not checked.
The following fields can be matched:
•
IP protocol (by name for well-known protocols, or directly by value)
•
Source/destination IP addresses (including wildcards)
•
Source/destination ports for TCP/UDP traffic
—Enter the MAC address to which the
—Enter the mask to define a range of MAC
—Enter the 802. 1 p value to be added to the VPT tag.
—Enter the wildcard mask to be applied to the VPT tag.
17
229
Advertisement
Table of Contents
