Configuring ACL Control 175

Figure 47 Traffic Statistics

GE7/0/8

GE7/0/1

GE3/0/2

VLAN2,

VLAN3,

1.0.0.1/8

2.0.0.1/8

PC1

PC2

 

To create this configuration:

1 Define the time range 8:00 to 18:00.

[SW7750]time-range 3com 8:00 to 18:00 daily

2 Define traffic rules for PC1 packets.

[SW7750]acl number 2000

[SW7750-acl-basic-2000]rule 0 permit ip source 1.0.0.1 0.0.0.0 time-range 3com

3 Count PC1 packets, view the statistics with the display command.

 

Enter QoS view.

 

[SW7750-GigabitEthernet7/0/1]qos

 

[SW7750-qosb-GigabitEthernet7/0/1]

 

Count PC1 packets, view the statistics with the display command.

 

[SW7750-qosb-GigabitEthernet7/0/1]traffic-statistic inbound ip-group

 

1 rule 0

 

[SW7750]display qos-interface GigabitEthernet7/0/1 traffic-statistic

 

 

Configuring ACL

The Switch 7750 provides several logon and device access measures, including

Control

TELNET access, SNMP access, and HTTP access. The security control, over the

 

access measures, is provided with the switches to prevent illegal users from

 

logging onto and accessing the devices. There are two levels of security controls.

 

At the first level, the user connection is controlled with an ACL filter and only legal

 

users can be connected to the switch. At the second level, a connected user can

 

log on to the device only if the user can pass the password authentication.

 

This chapter introduces how to configure the first level security control to filter the

 

logon users with ACL. For the information about how to configure the first level

 

security, see “System Access”.

Configuring ACL Control is described in the following sections:

Configuring ACL Control for TELNET Users

Configuring ACL Control for SNMP Users

Page 175
Image 175
3Com 10014298 Configuring ACL, Control, Define traffic rules for PC1 packets, Enter QoS view, Security, see System Access