Acl Assignment Configuration Example - HP 5500 HI Series Configuration Manual
Security
Hide thumbs
Also See for 5500 HI Series:
- Installation manual (72 pages) ,
- Compliance and safety manual (62 pages) ,
- Quickspecs (35 pages)
Table of Contents
Advertisement
Max number of on-line users is 2048
Current online user number is 1
MAC ADDR
00e0-fc12-3456
# After a user passes MAC authentication, use the display connection command to display online user
information.
<Device> display connection
Slot:
1
Index=29
IP=N/A
IPv6=N/A
MAC=00e0-fc12-3456
Total 1 connection(s) matched on slot 1.
Total 1 connection(s) matched.
ACL assignment configuration example
Network requirements
As shown in
RADIUS servers to perform authentication, authorization, and accounting.
Perform MAC authentication on port GigabitEthernet 1/0/1 to control Internet access. Make sure that an
authenticated user can access the Internet but the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are hyphen separated
and in lower case.
Figure 35 Network diagram
Configuration procedure
1.
Make sure the RADIUS server and the access device can reach each other.
2.
Configure the ACL assignment:
# Configure ACL 3000 to deny packets destined for 10.0.0.1.
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule 0 deny ip destination 10.0.0.1 0
[Sysname-acl-adv-3000] quit
Authenticate state
MAC_AUTHENTICATOR_SUCCESS
,Username=aaa@2000
Figure
35, a host connects to the device's port GigabitEthernet 1/0/1, and the device uses
Auth Index
29
115
- Quick Links:
- Configuration Guide
- Configuring Aaa
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
