bjmango
Aspirant

Which Switch Model support block port#443 traffic per switch port and through command lines

I am looking for a switch that supports:

1. Block/unblock the internet traffic from a certain port (ex. port 443) through command line.

2. The traffic could be controlled per switch port through the command line.

Model: M4100-26G-PoE (GSM7226LP)|ProSAFE 26-port Gigabit Fully Managed L2 Switch with PoE
Message 1 of 5

All Replies
Retired_Member
Not applicable

Re: Which Switch Model support block port#443 traffic per switch port and through command lines

Hi @bjmango

Welcome to the community!

All Netgear Fully Managed Switches support configuring an IP ACL to block specific traffic on a certain port (TCP/UDP port) per switch port by CLI command.

For the list of all Netgear Fully Managed Switches, please refer to the link, then select Switches --> Fully Managed Switches.

Hope it helps!

Regards,

EricZ
NETGEAR employee

Message 2 of 5
bjmango
Aspirant

Re: Which Switch Model support block port#443 traffic per switch port and through command lines

Thanks EricZ, could you give me a CLI example that blocks then unblocks the port 443 traffic against switch port 6? Thank you very much!

Message 3 of 5
Retired_Member
Not applicable

Re: Which Switch Model support block port#443 traffic per switch port and through command lines

Hi @bjmango,

As port #443 is a known protocol for HTTPS over TCP, we can block TCP protocol port=443 as below:

[Step1: create IP ACL rule, deny TCP destination port=443]

ip access-list test
deny tcp any any eq 443
permit ip any any
exit

[Step2: binding IP ACL to interface 1/0/6]

interface 1/0/6
ip access-group test in 1
exit

Besides, if you want to permit only packets with port=443 and deny other packets, we need to change the IP ACL rule as below:

permit tcp any any eq 443
deny ip any any

For detailed configuration of the IP ACL function, please refer to the CLI User Manual for Managed Switch at the link (page 940: IP Access Control List Commands).

Message 4 of 5
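
How the two rule sets in the answer above treat traffic, as an added Python sketch that is not from the thread or from NETGEAR: it models first-match ACL evaluation, with an implicit deny at the end of the list, over constructed sample packets. The rule tuples, function names and sample packets are assumptions made for illustration.

```python
# Added example: first-match evaluation of the two ACLs from the post above.
# Rule tuples are (action, protocol, destination port or None for any port).
BLOCK_443 = [("deny", "tcp", 443), ("permit", "ip", None)]
ONLY_443 = [("permit", "tcp", 443), ("deny", "ip", None)]


def evaluate(acl, proto, dport):
    """Return (action, rule_index) of the first matching rule.

    Protocol "ip" in a rule matches any IP protocol. If nothing matches, the
    packet hits the implicit deny at the end of the list (index None).
    """
    for index, (action, rule_proto, rule_port) in enumerate(acl):
        proto_ok = rule_proto in ("ip", proto)
        port_ok = rule_port is None or rule_port == dport
        if proto_ok and port_ok:
            return action, index
    return "deny", None


# Constructed sample traffic entering the bound switch port.
SAMPLE_PACKETS = {
    "HTTPS (TCP/443)": ("tcp", 443),
    "HTTP (TCP/80)": ("tcp", 80),
    "QUIC / HTTP/3 (UDP/443)": ("udp", 443),
    "DNS (UDP/53)": ("udp", 53),
}


def report(acl):
    """Map each sample packet name to the action the ACL takes on it."""
    return {name: evaluate(acl, *pkt)[0] for name, pkt in SAMPLE_PACKETS.items()}


if __name__ == "__main__":
    for label, acl in (("block 443", BLOCK_443), ("only 443", ONLY_443)):
        print(label)
        for name, action in report(acl).items():
            print(f"  {name:26} {action}")
```

The first rule set matches TCP only, so UDP/443 (QUIC, HTTP/3) still passes through the trailing permit. The permit-only variant also drops DNS on UDP/53.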
bjmango
Aspirant

Re: Which Switch Model support block port#443 traffic per switch port and through command lines

Thanks a lot EricZ!

Message 5 of 5