User Manual
Table Of Contents
- S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches with 2 or 4 SFP Ports
- Contents
- 1 Get Started
- Available Publications
- Switch Management and Discovery Overview
- Options to Change the Default IP Address of the Switch
- Discover or Change the Switch IP Address
- About the User Interfaces
- Access the Local Browser Interface
- Change the Language of the Local Browser Interface
- Use the Device View of the Local Browser Interface
- Interface Naming Conventions
- Configure Interface Settings
- Context-Sensitive Help and Access to the Support WebSite
- Access the User Manual Online
- Register Your Product
- 2 Configure System Information
- 3 Configure Switching
- Configure the Port Settings and Maximum Frame Size
- Configure Link Aggregation Groups
- Configure LAG Settings
- Configure LAG Membership
- Set the LACP System Priority
- Set the LACP Port Priority Settings
- Configure VLANs
- Configure VLAN Settings
- Configure VLAN Membership
- View the VLAN Status
- Configure Port PVID Settings
- Configure a MAC-Based VLAN
- Configure Protocol-Based VLAN Groups
- Configure Protocol-Based VLAN Group Membership
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View, Search, or Clear the MFDB Table
- View the MFDB Statistics
- Configure the Auto-Video Multicast Settings
- About IGMP Snooping
- Configure IGMP Snooping
- Configure IGMP Snooping for Interfaces
- View, Search, or Clear the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- Disable IGMP Snooping on a VLAN
- Configure a Multicast Router Interface
- Configure a Multicast Router VLAN
- IGMP Snooping Querier Overview
- Configure an IGMP Snooping Querier
- Configure an IGMP Snooping Querier for VLANs
- Display IGMP Snooping Querier for VLAN Status
- View, Search, and Manage the MAC Address Table
- Configure Layer 2 Loop Protection
- 4 Configure Quality of Service
- 5 Manage Device Security
- Configure the Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Set Up Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure a Basic or Extended IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- 6 Monitor the System
- 7 Maintenance
- A Configuration Examples
- B Specifications and Default Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches
Manage Device Security User Manual287
You can either select the enter the port range yourself or select one of the
following protocols from the menu:
• The destination IP TCP port range names are Domain, Echo, FTP, FTP data,
www-http, SMTP, Telnet, POP2, POP3, and bgp.
• The destination IP UDP port range names are Domain, Echo, SNMP, NTP,
RIP, Time, Who, and TFTP.
Each of these values translates into its equivalent port number, which is used as
both the start and end of the port range.
Select Other from the menu to enter a port number. If you select Other from the
menu but leave the field blank, it means any.
The wildcard mask determines which bits are used and which bits are ignored. A
wildcard mask of 0.0.0.0 indicates that none of the bits are important. A wildcard
of 255.255.255.255 indicates that all of the bits are important.
• IGMP Type. If your selection from the Protocol Type menu is IGMP and you specify
the IGMP type, the IP ACL rule matches the specified IGMP message type. The
range is from 0 to 255. If this field is left empty, it means any.
• ICMP. If your selection from the Protocol Type menu is ICMP, you can select either
the Type or Message radio button:
- Type. If you select the Type radio button, note the following:
• The Type and Code fields are enabled only if the protocol is ICMP. Use these
fields to specify a match condition for ICMP packets:
• If you specify information in the Type field, the IP ACL rule matches the
specified ICMP message type. The type number can be from 0
to 255.
• If you specify information in the Code field, the IP ACL rule matches the
specified ICMP message code. The code can be from 0 to 255.
• If these fields are left empty, it means any.
- Message. If you select the Message radio button, from the menu, select the type
of the ICMP message to match with the selected IP ACL rule. Specifying a type of
message implies that both the ICMP type and ICMP code are specified. The
ICMP message is decoded into the corresponding ICMP type and ICMP code
within the ICMP type.
The IPv4 ICMP message types are Echo, echo-reply, host-redirect,
mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big,
port-unreachable, source-quench, router-solicitation, router-advertisement,
TTL-exceeded, time-exceeded, and unreachable.
• Fragments. Either select the Enable radio button to allow initial fragments (that is,
the fragment bit is asserted) or leave the default Disable radio button selected to
prevent initial fragments from being used.
This option is not valid for rules that match L4 information such as a TCP port
number, because that information is carried in the initial packet.
• Service Type. Select a service type match condition for the extended IP ACL rule.