User Manual
Table Of Contents
- S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches with 2 or 4 SFP Ports
- Contents
- 1 Get Started
- Available Publications
- Switch Management and Discovery Overview
- Options to Change the Default IP Address of the Switch
- Discover or Change the Switch IP Address
- About the User Interfaces
- Access the Local Browser Interface
- Change the Language of the Local Browser Interface
- Use the Device View of the Local Browser Interface
- Interface Naming Conventions
- Configure Interface Settings
- Context-Sensitive Help and Access to the Support WebSite
- Access the User Manual Online
- Register Your Product
- 2 Configure System Information
- 3 Configure Switching
- Configure the Port Settings and Maximum Frame Size
- Configure Link Aggregation Groups
- Configure LAG Settings
- Configure LAG Membership
- Set the LACP System Priority
- Set the LACP Port Priority Settings
- Configure VLANs
- Configure VLAN Settings
- Configure VLAN Membership
- View the VLAN Status
- Configure Port PVID Settings
- Configure a MAC-Based VLAN
- Configure Protocol-Based VLAN Groups
- Configure Protocol-Based VLAN Group Membership
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View, Search, or Clear the MFDB Table
- View the MFDB Statistics
- Configure the Auto-Video Multicast Settings
- About IGMP Snooping
- Configure IGMP Snooping
- Configure IGMP Snooping for Interfaces
- View, Search, or Clear the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- Disable IGMP Snooping on a VLAN
- Configure a Multicast Router Interface
- Configure a Multicast Router VLAN
- IGMP Snooping Querier Overview
- Configure an IGMP Snooping Querier
- Configure an IGMP Snooping Querier for VLANs
- Display IGMP Snooping Querier for VLAN Status
- View, Search, and Manage the MAC Address Table
- Configure Layer 2 Loop Protection
- 4 Configure Quality of Service
- 5 Manage Device Security
- Configure the Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Set Up Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure a Basic or Extended IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- 6 Monitor the System
- 7 Maintenance
- A Configuration Examples
- B Specifications and Default Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches
Manage Device Security User Manual280
8. Specify the following match criteria for the rule:
• Sequence Number. Enter an ACL sequence number in the range from 1 to
2147483647 that is used to identify the rule. An IP ACL can contain up to 50 rules.
• Action. Select the ACL forwarding action, which is one of the following:
- Permit. Forward packets that meet the ACL criteria.
Egress Queue. If the selection form the Action menu is Permit, you can specify
the hardware egress queue identifier that is used to handle all packets matching
this IP ACL rule.
For models GS324T and GS324TP, the range for the queue ID is from 0 to 3. For
model GS348T, the range for the queue ID is from 0 to 7.
- Deny. Drop packets that meet the ACL criteria.
Logging. If the selection from the Action menu is Deny, you can enable logging
for the ACL by selecting the Enable radio button. (Logging is subject to resource
availability on the switch.)
If you enable logging and you also enable ACL system traps (see
Configure
SNMPv1/v2 Trap Flags on page 82), a SNMP trap is sent when a packet matches
this ACL rule.
• Match Every. Select one of the radio buttons to specify whether all packets must
match the selected IP ACL rule:
- Enable. All packets must match the selected IP ACL rule and are either permitted
or denied.
- Disable. Not all packets need to match the selected IP ACL rule.
• Interface. Select one of the radio buttons to specify whether all packets must be
mirrored or redirected:
- Mirror. From the menu, select the specific egress interface to which the matching
traffic stream must be copied, in addition to being forwarded normally by the
switch.
- Redirect. From the menu, select the egress interface to which the matching traffic
stream must be redirected, bypassing any forwarding decision normally
performed by the switch.
• Src IP Address. Enter an IP address using dotted-decimal notation to be compared
to a packet’s source IP address as a match criterion for the selected IP ACL rule.
• Src IP Mask. Specify the IP mask in dotted-decimal notation to be used with the
source IP address value.
9. Click the Apply button.
Your settings are saved.