Netconf Soap Acl - HPE FlexNetwork 7500 Series Command Reference Manual

Examples
# Configure the device to log NETCONF edit-config information sourced from agent clients.
<Sysname> system-view
[Sysname] netconf log source agent protocol-operation set

netconf soap acl

Use netconf soap acl to apply an ACL to NETCONF over SOAP traffic.
Use undo netconf soap acl to restore the default.
Syntax
In non-FIPS mode:
netconf soap { http | https } acl { acl-number | name acl-name }
undo netconf soap { http | https } acl
In FIPS mode:
netconf soap https acl { acl-number | name acl-name }
undo netconf soap https acl
Default
No ACL is applied to NETCONF over SOAP traffic.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl-number: Specifies an ACL by its number in the range of 2000 to 2999.
http: Applies an ACL to NETCONF over SOAP over HTTP traffic.
https: Applies an ACL to NETCONF over SOAP over HTTPS traffic.
name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string
of 1 to 63 characters. It must start with an English letter. To avoid confusion, it cannot be all. The
specified ACL must be an existing IPv4 basic ACL.
Usage guidelines
Only NETCONF clients permitted by the ACL can access the device through SOAP over HTTP.
If you execute the netconf soap http acl command multiple times, the most recent configuration
takes effect. The same is true for the netconf soap https acl command.
Examples
# Use ACL 2001 to allow only NETCONF clients from subnet 10.10.0.0/16 to access the device
through SOAP over HTTP.
<Sysname> system-view
[Sysname] acl basic 2001
[Sysname-acl-ipv4-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-ipv4-basic-2001] quit
[Sysname] netconf soap http acl 2001
234