NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

ACL

5 Topics

OOB Management ACL
Hello all, I am trying to create an ACL to apply to the service port. Through the command line, I am able to make a management acl using the "management access-list" command. After making the ACL, when trying to make rules, there is no serviceport option after typing the ip-source for the rule. Then, when applying the ACL through the "management access-class name" command and trying to access the switch through ssh from an ip not on the list, I am able to access the switch. The ACL says no packets were filtered. The serviceport is the only connection available from outside of the switch. I am using an AV4250 switch. Thanks.
osu
Jun 26, 2025 Place Managed Switches
17Views
0likes
0Comments
M7100-24x Cannot get ACLs to work
I have diligently tried to get the ACLs to work on my M7100-24x. Unfortunately both Standard and Extended ACLs do not work. I set the ACLs up and with the permit parameter and with the correct mask for single IP which is 0.0.0.0 and it just denies all traffic. Tried same with a whole subnet and correct mask of 0.0.0.255 still no luck. Any suggestions please
kkuti
Jun 13, 2025 Place Managed Switches
57Views
0likes
0Comments
IP ACL Vlans MG5300
Hello, I would like to implement IPv4 ACL policies in a Vlan segmentated network. My core switch is an M5300-28G ProSafe 24-port Gigabit L2+ with 10 Gigabit Stacking, 10.0.0.44, B1.0.0.5. I have the following vlan on the MG5300: Vlan1 192.168.0.0/24 - Servers + Internet Gateway Vlan10 192.168.10.0/24 Vlan20 192.168.20.0/24 Vlan30 192.168.30.0/24 Vlan40 192.168.40.0/24 Vlan50 192.168.50.0/24 Vlan60 192.168.60.0/24 Vlan70 192.168.70.0/24 - Printers I need to implement: Vlan10 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan50, vlan60 Vlan20 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan10, vlan30, vlan40, vlan50, vlan60 Vlan30 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan10, vlan40, vlan50, vlan60 Vlan40 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan10, vlan50, vlan60 Vlan50 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan10, vlan60 Vlan60 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan50, vlan10 Which is the best way to implement this requirements ? Thanks so much !
fjsanchez
Apr 04, 2018 Place Managed Switches
1.8KViews
0likes
3Comments
M4300-24X24F VLAN's, ACL and separation
Good day all, I have found an article, but as soon as I try to set the rules according to the article I lose all connection to the switch and need to undo the ACL using the console cable... https://kb.netgear.com/30818/How-to-configure-routing-VLANs-on-a-NETGEAR-managed-switch-with-shared-internet-access I have a stack of 2x M4300-24X24F, which contains several VLAN's: 1, 20, 90, 91 and 101 Now all theses VLAN,s should not be able to route to eachother, except for VLAN 20 to a few hosts in VLAN 1, and theses few hosts in VLAN 1 to all of VLAN 20. So what is the best way to configure this? Or did I really make a big mistake and should I have gone for HP instead?? (At least on our old HP switch routing is opt-IN instead of opt-OUT?) Sorry to say, but even budget TP-LINK has a more intuitive interface...
XanderVR
May 15, 2017 Place Managed Switches
7.2KViews
0likes
8Comments
WLAN Access Denied for enabled MAC Address in the ACL
I have a rather large Access Control List (ACL), and I've never had a problem with it in the past, but I just got a new laptop and even when I register the MAC Address and reboot the router I am still getting the "WLAN Access Denied" error when accessing it from the laptop. I've done all the "sanity checks" of making sure the password is correct and that other devices still work. I got the MAC address for the laptop the same way I always have, I see the MAC Address in the Logs in the Access Denied message and copy it from there into the access list. I have done this with over 20 other devices successfully, I'm not sure what's different about this one MAC Address... I did confirm through ipconfig on the laptop that the MAC Address I am using is correct. When I turn off the ACL I can connect with no issues from the laptop. Any thoughts? I'm very familiar with computers and can do advanced troubleshooting, I just don't know infrastructure and networking stuff well so I don't know where to start here. Any ideas on how I can resolve this issue would be appreciated!
Solved
Gakuka
Mar 21, 2016 Place General WiFi Routers (Non-Nighthawk)
4.7KViews
0likes
2Comments