× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Can an ACL Rule be changed without having to delete and restore the binding?

twoods
Apprentice
Apprentice
‎2017-03-12 10:39 AM
‎2017-03-12 10:39 AM

Can an ACL Rule be changed without having to delete and restore the binding?

I set up Security > ACL > Basic > Mac Rule as follows:

 

ACL Name = AllowFromPort5

ID = 2, Action = Permit, Match Every = False, Destin MAC = [MAC address of Device A], Destin Mask = 00:00:00:00:00:00

ID = 3, Action = Permit, Match Every = False, Destin MAC = [MAC address of Device B], Destin Mask = 00:00:00:00:00:00

ID = 4, Action = Permit, Match Every = False, Destin MAC = [MAC address of DHCP Server], Destin Mask = 00:00:00:00:00:00

 

I bound this ACL to Interface g5 where a NAS device is attached.

 

Initially, I didn't include an entry for the DHCP server in the ACL file, and after a couple of days the NAS stopped communicating. Hopefully adding that entry will keep it alive.

 

My question is whether or not I should need to delete (under Binding Table) and then re-bind the ACL (under MAC Binding Configuration) each time an addition or change is made to the ACL? When I first created the rule I didn't seem to need to do that, but later when I tried to add a rule it didn't seem to take until I deleted and restored the binding as well.

 

Model: GS108Tv2|ProSAFE 8-port Gigabit Smart Switch
Message 1 of 2
0 Kudos
Reply

Accepted Solutions
twoods
Apprentice
Apprentice
‎2017-03-13 03:01 PM
‎2017-03-13 03:01 PM

Re: Can an ACL Rule be changed without having to delete and restore the binding?

I resolved the issue. The ACL Rule CAN be changed on the fly.

 

I was mislead (again) because (although I had added Permit  for the DHCP server) I did not have a Permit for the Broadcast address, so the NAS was still losing it's IP address. During the moment when I would delete the binding, the NAS was sometimes able to renew its address.

 

ID = 5, Action = Permit, Match Every = False, Destin MAC = FF:FF:FF:FF:FF:FF, Destin Mask = 00:00:00:00:00:00

View solution in original post

Message 2 of 2
0 Kudos
Reply

All Replies
twoods
Apprentice
Apprentice
‎2017-03-13 03:01 PM
‎2017-03-13 03:01 PM

Re: Can an ACL Rule be changed without having to delete and restore the binding?

I resolved the issue. The ACL Rule CAN be changed on the fly.

 

I was mislead (again) because (although I had added Permit  for the DHCP server) I did not have a Permit for the Broadcast address, so the NAS was still losing it's IP address. During the moment when I would delete the binding, the NAS was sometimes able to renew its address.

 

ID = 5, Action = Permit, Match Every = False, Destin MAC = FF:FF:FF:FF:FF:FF, Destin Mask = 00:00:00:00:00:00

Message 2 of 2
0 Kudos
Reply
Discussion stats
  • 1 reply
  • ‎2017-03-12 10:39 AM
  • 3468 views
  • 0 kudos
  • 1 in conversation
Announcements