Table of Contents
Advertisement
Operation Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches
2)
Define the ACL for packet which source MAC address is 00e0-fc01-0101 and
destination MAC address is 00e0-fc01-0303.
# Enter the named link ACL, named as traffic-of-link.
[Quidway] acl name traffic-of-link link
# Define the rules for packet which source MAC address is 00e0-fc01-0101 and
destination MAC address is 00e0-fc01-0303.
[Quidway-acl-link-traffic-of-link] rule 1 deny ip ingress 00e0-fc01-0101 egress
00e0-fc01-0303 time-range huawei
3)
Activate ACL.
# Activate the ACL traffic-of-link .
[Quidway] packet-filter link-group traffic-of-link
1.6 ACL Configuration Example of S3526E
1.6.1 Advanced ACL Configuration Example
I. Networking requirements
The interconnection between different departments on a company network is
implemented through the 100M ports of the Ethernet Switch. The payment query server
of the Financial Dept. is accessed via Ethernet1/1 (at 129.110.1.2). It is required to
properly configure the ACL and limit the department other than the Office of President
access the payment query server between 8:00 and 18:00. The Office of President (at
129.111.1.2) can access the server without limitation.
II. Networking diagram
Office of President
129.111.1.2
Financial Department
subnet address
10.110.0.0
Figure 1-5 Access control configuration example
III. Configuration procedure
Pay query server
129.110.1.2
#4
#3
#2
#1
Switch
Administration Department
subnet address
Connected to a router
10.120.0.0
Huawei Technologies Proprietary
1-28
Chapter 1 ACL Configuration
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
