[GS-5220,IGS-5225,IGS-6325 series] How to allow or block some IP address connect to switch via ACL feature.

Here is an ACL example, shown below: 

● Port 1 only accepts 192.168.0.6 and deny the other IP address. 

● Port 3 only accepts 192.168.0.66 and deny the other IP address.

Step 1 : Connect your laptop to any port of the switch except ports 1 and 3, then log in to the web management.

              Go to the ACL Configuration page following the path: Security → ACL Configuration. 

Step 2 : Click the “+” icon to add a rule. 

Step 3 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Permit”,

                and set the SIP Filter as “192.168.0.6”.  Click the “Apply” button. 

Step 4 : Click the button “+” icon to add a rule.

Step 5 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Deny”,

               and set the SIP Filter as “Any”.  Click the “Apply” button.

Step 6 : Click the top “+” icon to add a rule.

Step 7 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Frame Type as “IPv4”, set the Action as “Permit”,

                and set the SIP Filter as “192.168.0.66”.  Click the “Apply” button. 

Step 8 : Here we will add the “Deny” rule for port 3, note that the “Deny” rule must be under the “Permit” rule of port 3.

                Please refer to the picture below to click the top “+” icon of the “Permit” rule of port 1 to add a rule.

Step 9 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Action as “Deny”, and set the SIP Filter as “Any”.

                Click the “Apply” button. 

Step 10 : All rules are done. The result is shown below: 

Thus, the switch can support the goals: 

● Port 1 only accepts 192.168.0.6 and deny the other IP address. 

● Port 3 only accepts 192.168.0.66 and deny the other IP address.