EasyManua.ls Logo

Hirschmann MACH 4000 User Manual

Hirschmann MACH 4000
240 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #93 background imageLoading...
Page #93 background image
Protection from unauthorized access
Basic - L3P
Release
4.0
11/07
6.6
Access Control Lists (ACL).
19
6.6.2 Description of IP-based ACLs.
The Switch differentiates between standard and extended IP-based ACLs.
ACLs with an ID number (ACL ID)
X 1 to 99 are standard IP-based ACLs and
X 100 to 199 are extended IP-based ACLs.
Standard IP-based ACLs provide the following criteria for filtering:
X IP source address with network mask
X All data packets (match every)
Extended IP-based ACLs provide the following criteria for filtering:
X All data packets (every)
X Protocol number or protocol (IP, ICMP, IGMP, TCP, UDP)
X IP source address with network mask or all IP source addresses (any)
X Layer 4 protocol port numbers of the source (UDP port, TCP port)
X IP destination address with network mask or all IP destination addresses
(any)
X Layer 4 protocol port numbers of the destination (UDP port, TCP port)
X ToS field with mask
X DSCP field
X IP precedence field
Note: If you are using IP ACLs at ports which are located in the HIPER-Ring
or which participate in the Ring/network coupling, you add the following rule
to the ACLs:
X PERMIT
X Protocol: UDP
X Source IP: ANY
X Destination IP: 0.0.0.0/32
X Source port: 0
X Destination port: 0
X CLI command: access-list 1xx permit udp any eq 0 0.0.0.0
0.0.0.0 eq 0

Table of Contents

Other manuals for Hirschmann MACH 4000

Preview: Reference Manual
Reference Manual286 pages
Question and Answer IconNeed help?

Do you have a question about the Hirschmann MACH 4000 and is the answer not in the manual?

Hirschmann MACH 4000 Specifications

General IconGeneral
ModelMACH4000
Operating Temperature-40°C to +70°C
ManagedYes
Switching TechnologyStore-and-forward
ManagementWeb-based, CLI, SNMP
PortsUp to 24
Port Type and Speed10/100/1000 Mbps Ethernet, Gigabit Ethernet
Speed10/100/1000 Mbps
VLAN SupportYes
RedundancyHSR, PRP

Summary

Access to the User Interfaces

1.1 System Monitor

1.2 Command Line Interface

Use the CLI for detailed configuration and advanced switch management.

1.3 Web-based Interface

Configure the switch graphically via a web browser interface.

Entering the IP Parameters

2.2 Entering IP parameters via CLI

Configure IP settings using the Command Line Interface.

2.3 Entering the IP Parameters via HiDiscovery

2.4 Loading the system configuration from the ACA

2.5 System configuration via BOOTP

2.6 System configuration via DHCP

Automate IP parameter assignment using DHCP.

2.7 System configuration via DHCP Option 82

2.8 System configuration via the Web-based interface

Set IP parameters through the graphical web interface.

2.9 Faulty device replacement

Solutions for replacing a faulty switch with a new one.

Loading/saving settings

3.1 Loading settings

Methods for loading configuration data into the switch.

3.2 Saving settings

Methods for saving current configuration data.

Loading software updates

4.1 Loading the software from the ACA

4.2 Loading the software from the tftp server

Configuring the ports

Switching the port on and off

Configuring Power over ETHERNET

Protection from unauthorized access

6.1 Password for SNMP access

6.2 Telnet/Web/SSH access

Manage and secure remote access protocols like Telnet, Web, and SSH.

6.4 Port access control

Implement MAC or IP-based security policies on switch ports.

6.5 Port authentication according to 802.1X

Secure network access using IEEE 802.1X port authentication.

6.6 Access Control Lists (ACL).

Filter traffic based on IP or MAC addresses using Access Control Lists.

Network load control

8.1 Direct packet distribution

8.2 Multicast application

8.3 Rate Limiter

Control traffic rates on ports to prevent congestion.

8.4 QoS/Priority

Prioritize traffic types to ensure quality for critical applications.

8.5 Flow control

8.6 VLANs

Segment the network into virtual LANs for better organization.

Operation diagnosis

9.1 Sending traps

9.2 Monitoring the device status

Check the overall operational status and health of the switch.

9.5 Event counter at port level

9.6 Displaying the SFP status

9.7 TP cable diagnosis

9.8 Topology discovery

9.9 Detecting IP address conflicts

Detect and resolve IP address conflicts on the network.

9.11 Monitoring port traffic (port mirroring)

Setting up configuration environment

A.1 Setting up DHCP/BOOTP server

A.2 Setting up DHCP Server Option 82

A.3 tftp server for software updates

A.4 Preparing access via SSH

Set up SSH access using key pairs for secure remote management.

Related product manuals