NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

spopuri's avatar
spopuri
Aspirant
May 13, 2020
Solved

M4300 ACL's

Hello,   I would like to create an ACL on the web interface to allow traffic from client to licensing server on a particular port.   Please see the attached screenshot and let me know if it is ri...
  • Retired_Member's avatar
    Retired_Member
    May 21, 2020

    Hi spopuri 

     

    Welcome to Community!

     

    Do you want to only allow DIP=10.3.200.40 and UDP D-Port from 27000~27009 packet fowarding on the binding port? But this is only for Client->Server direction, so what about Server->Client direction? Allow or dely? Currently your config ACL will deny all packet that from Server->Client direction, is it your expected behavior?

    If you want to allow both two direction traffic, you can add one more rule that permit with SIP=10.3.200.40 and UDP S-Port from 27000~27009(need you confirm if it's match your traffic that from Server->Client), then bind this ACL to the port.

     

    Regards,

    Eric

spopuri's avatar
spopuri
Aspirant
May 22, 2020

Thank you very much Retired_Member 

spopuri's avatar
spopuri
Aspirant
May 25, 2020

Hello Retired_Member 

 

I have another question, If I write ACL rules to allow only port specific traffic. Will it block all other traffic by default?

 

Thanks,

Sravan

  • Retired_Member's avatar
    Retired_Member
    May 26, 2020

    spopuri 

     

    Yes, sure. There is one default rule that will deny all traffic at the last.

    So it mean, if you want to add one rule to deny the specific traffic, you must add last rule with permit all.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More