Zyxel Employee
Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community
GS2210 限制某port只允許校時
All Replies
-
Hi @ysfan,
經過討論與測試,這邊update一下最後的結論~
PC會在發NTP封包之前先發ARP封包
但此時ARP封包會被第二筆Deny的ACL丟棄
因此需要在Deny ACL之前再加一筆Allow ARP的ACL
以下提供ACL邏輯範例給其他遇到相同情況的用戶參考:
1. Allow 指定port進來的ARP封包(EtherType=ARP)
2. Allow 指定port進來的NTP封包(IP Protocol=UDP, destination socket=123)
3. Deny 指定port進來的所有封包
謝謝您的配合~
Jason
Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community1
