Configuring Access Control Lists (ACLs)

Configuring ACLs on AMG510 & AMG570 Switches

An Access Control List (ACL) is a function that watches incoming and outgoing traffic and compares it with a set of defined statements.


Here is a guide on how to configure ACLs on AMG510 & AMG570 switches:

Web GUI

Step 1: On the left-hand side of the Web GUI, select Configuration > Security > Network > ACL > Access Control List

Step 2: Select the ‘+’ symbol to add an access control list configuration

Step 3: Select the port to which you want to apply the access list and specify whether you require a policy filter. You can also choose the frame type for filtering your access list. Select the ‘Action’ tab drop-down to specify whether your configuration should ‘Permit’, ‘Deny’ or ‘Filter’ the chosen ‘Frame Type’. Choose whether the ACL for the specific port should be ‘Rate Limited’, ‘Mirrored’, ‘Logged’ or ‘Shutdown’ upon configuration

Step 4: You can specify destination or source MAC address parameters for your access control list

Step 5: Specify if you require any specific VLAN Parameters for your access control list

Step 6: Lastly, you can specify your ‘Ethernet Type Parameters’. Once you have made your configurations, select ‘Save’. 

Step 7: Your access list configuration will be displayed. You can choose to add another ACE (access control entry) configuration before or at the end of this configuration. Alternatively, you can edit or delete this configuration

Step 8: To verify your configuration, navigate on the left-hand side of the Web GUI to Monitor > Security > Network > ACL Status

Step 9: To save your configuration to your startup configuration, on the left-hand side of the Web GUI, select Maintenance > Configuration > Save startup-config

Command Line Interface (CLI)

Step 1: Enter configuration mode on the command line interface by entering the command “configure terminal”

configure terminal

Step 2: Enter the command “access-list ace 1 ingress interface GigabitEthernet [PortNumber] frame-type [SpecificFrameType] smac [SourceMACAddress] logging” and exit configuration mode by entering the command “exit”

access-list ace 1 ingress interface GigabitEthernet [PortNumber] frame-type [SpecificFrameType] smac [SourceMACAddress] logging

exit

Step 3: To verify your configuration, enter the command “show running-config”

show running-config

Step 4: To save your configuration to your startup configuration, enter the command “copy running-config startup-config”

copy running-config startup-config
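
To go with Steps 3 and 4, the following Python script (an added example, not part of the original guide or any vendor tooling) reads saved “show running-config” output and a saved copy of the startup configuration, then reports ACEs that are missing, differ from what you intended, or have not been copied to the startup configuration. The sample lines are constructed; the port notation, frame-type keyword and MAC format in them are assumptions, and only the command keywords come from Step 2.

```python
import re

# Keywords from the Step 2 command that are followed by a value.
KEYS = {"GigabitEthernet": "port", "frame-type": "frame_type", "smac": "smac"}

def normalise_mac(mac):
    """Hex digits only, lower-case, so 00-11-.. and 00:11:.. compare equal."""
    digits = re.sub(r"[-:.]", "", mac).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else mac

def parse_aces(config_text):
    """Return {ace_id: fields} for every 'access-list ace <id> ...' line."""
    aces = {}
    for line in config_text.splitlines():
        tok = line.split()
        if tok[:2] != ["access-list", "ace"] or len(tok) < 3 or not tok[2].isdigit():
            continue
        ace = {"port": None, "frame_type": None, "smac": None}
        for key, val in zip(tok, tok[1:]):
            if key in KEYS:
                ace[KEYS[key]] = normalise_mac(val) if key == "smac" else val
        ace["logging"] = "logging" in tok[3:]
        aces[int(tok[2])] = ace
    return aces

def audit(expected, running_text, startup_text):
    """Compare intended ACEs with the running and startup configurations."""
    running, startup = parse_aces(running_text), parse_aces(startup_text)
    findings = []
    for ace_id, want in expected.items():
        want = dict(want, smac=normalise_mac(want["smac"]))
        got = running.get(ace_id)
        if got is None:
            findings.append(f"ACE {ace_id}: missing from running-config")
        elif got != want:
            findings.append(f"ACE {ace_id}: running-config differs from intended")
        if got is not None and startup.get(ace_id) != got:
            findings.append(f"ACE {ace_id}: not saved to startup-config")
    return findings

# Constructed sample data; port, frame-type and MAC formats are assumptions.
RUNNING = """access-list ace 1 ingress interface GigabitEthernet 1/1 frame-type etype smac 00-11-22-33-44-55 logging
access-list ace 2 ingress interface GigabitEthernet 1/2 frame-type etype smac 00-11-22-33-44-66
"""
STARTUP = RUNNING.splitlines()[0] + "\n"
EXPECTED = {n: {"port": f"1/{n}", "frame_type": "etype", "logging": True,
                "smac": f"00:11:22:33:44:{m}"} for n, m in ((1, "55"), (2, "66"))}

if __name__ == "__main__":
    print("\n".join(audit(EXPECTED, RUNNING, STARTUP)) or "ACL config matches")
```

In the sample data, ACE 2 was entered without the “logging” keyword and was never copied to the startup configuration, so both findings are reported for it.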

Here is an example of an access list configuration in the command line interface: