Access Management
Configuration
Access Management
Overview
Configuring Access
Management
debugging dhcp-relay
command to output the debugging information to the console. In this way, you
can view the detailed information of all DHCP packets on the console as they
apply for the IP address, and so locate the problem.
In networking, the ports in a Switch which access different users belong to the
same VLAN and they cannot communicate with each other, for the purposes of
security, simplicity, and saving VLAN resources. Different ports have different IP
addresses and only the users with an IP address which is allowed to pass the port
can access the external network through the port. You can achieve this
configuration using the functions binding Switch port with IP address and port
layer-2 isolating.
Access management configuration includes:
Enabling/Disabling Access Management
■
Configuring the Access Management IP Address Pool Based on the Port
■
Configuring Layer 2 Isolation Between Ports
■
Enabling/Disabling Access Management Trap
■
Enabling/Disabling Access Management
You can use the following command to enable the access management function.
Only after the access management function is enabled will the access
management features (IP and port binding and Layer 2 port isolation) take effect.
Perform the following configuration in System View.
Table 87 Enabling/Disabling the Access Management Function
Operation
Enable access management function
Disable access management function
By default, the system disables the access management function.
Configuring the Access Management IP Address Pool Based on the Port
You can use the following command to set the IP address pool for access
management on a port. The packet whose source IP address is in the specified
pool is allowed to be forwarded on Layer 3 via the port of the Switch.
Perform the following configuration in Ethernet Port View.
Table 88 Configuring the Access Management IP Address Pool Based on the Port
Operation
Configure the access management IP address pool
based on the port
Access Management Configuration
in User View and then use the
Command
am enable
undo am enable
terminal debugging
Command
am ip-pool address_list
93