212
C
23: L
HAPTER
OGON
Basic ACL Control
Configuration Example
Configuring ACL for
SNMP Users
Configuration
Prerequisites
U
ACL C
C
SER
ONTROL
ONFIGURATION
[SW8800] user-interface vty 0 4
# Apply the Layer 2 ACL to restrict incoming requests.
[3Com-user-interface-vty0-4] acl 4000 inbound
Network requirements
Only the Telnet users with IP addresses of 10.110.100.52 and 10.110.100.46 can
access the switch.
Network diagram
Figure 55 Network diagram for source IP control over Telnet users
Internet
Switch
Configuration procedure
# Define a basic ACL.
<SW8800>system-view
System View: return to User View with Ctrl+Z.
[SW8800] acl number 2000 match-order config
# Define rules.
[3Com-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[3Com-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[3Com-acl-basic-2000] rule 3 deny source any
[3Com-acl-basic-2000] quit
# Enter user interface view.
[SW8800] user-interface vty 0 4
# Apply the ACL.
[3Com-user-interface-vty0-4] acl 2000 inbound
Switch 8800 Family series switches can be managed remotely through network
management software (NMS). Administrators can use SNMP to access an Switch
8800 Family series switch. Proper ACL configuration can prevent unauthorized
network management users from logging onto the switch.
You have correctly configured log into the switch using SNMP.