ACL Control Configuration 379
Configuration Example Networking Requirement
Only SNMP users from 10.110.100.52 and 10.110.100.46 can access the Switch.
Networking Diagram
Figure99 ACL Configuration for SNMP Users
Configuration Procedure
1Define a basic ACL.
[SW5500]acl number 2000 match-order config
[SW5500-acl-baisc-2000]rule 1 permit source 10.110.100.52 0
[SW5500-acl-baisc-2000]rule 2 permit source 10.110.100.46 0
[SW5500-acl-baisc-2000]quit
2Import the ACL.
[SW5500]snmp-agent community read 3Com acl 2000
[SW5500]snmp-agent group v2c 3Comgroup acl 2000
[SW5500]snmp-agent usm-user v2c 3Comuser 3Comgroup acl 2000
Configuring ACL Control
over the HTTP Users
The Switch 5500 Family supports the remote management through the Web
interface. The users can access the Switch through HTTP. Controlling such users with
ACL can help filter the illegal users and prevent them from accessing the local Switch.
After configuring ACL control over these users, the Switch allows only one Web user
to access the Ethernet Switch at one time.
Take the following steps to control the HTTP users with ACL.
1Defining ACL
2Calling ACL to control HTTP users
The follow section introduces the configuration procedures.
Defining ACL You can only call the numbered basic ACL, ranging from 2000 to 2999, to implement
ACL control function. Use the same configuration commands introduced in the last
section.
Calling ACL to Control
HTTP Users
To control the Web network management users with ACL, call the defined ACL.
You can use the following commands to call an ACL. Perform the following
configuration in System View.
Internet
Switch