Configuration Example; Configuring Acl Control Over The Http Users - Huawei Quidway S3500 Series Operation Manual

Operation Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches
Note:
Only the numbered basic ACL can be called for network management user control.

3.3.3 Configuration Example

I. Networking requirements
Only permit SNMP user from 10.110.100.52 and 10.110.100.46 access switch.
II. Networking diagram
Internet
Switch
Figure 3-2 Control SNMP users with ACL
III. Configuration procedure
# Define the basic ACLs.
[Quidway] acl number 2020 match-order config
[Quidway-acl-basic-2020] rule 1 permit source 10.110.100.52 0
[Quidway-acl-basic-2020] rule 2 permit source 10.110.100.46 0
[Quidway-acl-basic-2020] quit
# Call the basic ACLs.
[Quidway] snmp-agent community read huawei acl 2020
[Quidway] snmp-agent group v2c huaweigroup acl 2020
[Quidway] snmp-agent usm-user v2c huaweiuser huaweigroup acl 2020

3.4 Configuring ACL Control over the HTTP Users

Quidway Ethernet switch series support the remote management through WEB. The
users can access the switch through HTTP. Controlling such users with ACL can help
filter the illegal users and prevent them from accessing the local switch. After
configuring ACL control over these users, the switch allows only one WEB user to
access the Ethernet switch at one time.
Take the following steps to control the HTTP users with ACL.
Chapter 3 Logon User ACL Control Configuration
Huawei Technologies Proprietary
3-5