To delete an existing EX3500 MAC ACL, select the ACL and click the - Delete Row button.

Allow	Every EX3500 MAC ACL firewall rule is made up of matching criteria rules. The action defines what to do with the packet if it matches the specified criteria. The following actions are supported: Deny - Instructs the firewall to prevent a packet from proceeding to its destination. Permit - Instructs the firewall to allow a packet to proceed to its destination.
VLAN ID	Enter a VLAN ID representative of the shared SSID each user employs to interoperate within the network (once authenticated by the local RADIUS server). The VLAN ID can be between 1 and 4094.
VALN Mask	Enter a VLAN ID bit mask value.
Source and Destination MAC	Enter both Source and Destination MAC addresses. The source MAC address and destination MAC address are used as basic matching criteria. Provide a subnet mask if using a mask.
Ethertype	Use the spinner control to specify an Ethertype. An EtherType is a two-octet field within an Ethernet frame. It is used to indicate which protocol is encapsulated in the payload of an Ethernet frame. Select a value in the range 0 - 65535. This field is enabled by default. The default value is 1.
Ethertype Mask	Use the spinner control to specify the Ethertype Mask. Select a value in the range 0 - 65535. This field is enabled by default. The default value is 1.
Time Range	Use this field to select a time range when this ACL will be enabled. For more information, see EX3500 Time Range on page 10-64.
Precedence	Use the spinner control to specify a precedence for this MAC firewall rule between 1 - 1500. Rules with lower precedence are always applied first to packets.