Importing Acl; Configuration Example; Configuring Acl For Snmp Users - 3Com 5500-SI Configuration Manual

Importing ACL

Configuration Example

Configuring ACL for
SNMP Users
You can import a defined ACL in User Interface View to achieve ACL control.
Perform the following configurations respectively in System View and User Interface
View.
Table 400 Importing ACL
Operation
Enter user interface view
(System View)
Import the ACL (User Interface
View)
See the Command Reference Manual for details about these commands.
Networking Requirement
Only the Telnet users from 10.110.100.52 and 10.110.100.46 can access the Switch.
Networking Diagram
Figure 98 ACL configuration for Telnet users
Internet
Switch
Configuration Procedure
1 Define a basic ACL.
[SW5500]acl number 2000 match-order config
[SW5500-acl-basic-2000]rule 1 permit source 10.110.100.52 0
[SW5500-acl-basic-2000]rule 2 permit source 10.110.100.46 0
[SW5500-acl-basic-2000]quit
2 Import the ACL.
[SW5500]user-interface vty 0 4
[SW5500-ui-vty0-4]acl 2000 inbound
The Switch 5500 Family supports remote network management (NM) and the user
can use SNMP to access them. Proper ACL configuration can prevent illegal users
from logging onto the Switches.
Two steps are included in this configuration:
1 Define an ACL
2 Import the ACL to control SNMP users
Defining ACL
Currently only number-based ACLs can be imported, with the number ranging from
2000 to 2999. See "Defining ACL" on page 353 for detailed configuration.
Command
user-interface [ type ] first_number [
last_number ]
acl acl_number { inbound | outbound }
ACL Control Configuration 377