Configuration Example; Configuring Acl Control Over The Http Users; Defining Acl; Calling Acl To Control Http Users - 3Com 5500-SI Configuration Manual

Configuration Example

Configuring ACL Control
over the HTTP Users

Defining ACL

Calling ACL to Control
HTTP Users
Networking Requirement
Only SNMP users from 10.110.100.52 and 10.110.100.46 can access the Switch.
Networking Diagram
Figure 99 ACL Configuration for SNMP Users
Configuration Procedure
1 Define a basic ACL.
[SW5500]acl number 2000 match-order config
[SW5500-acl-baisc-2000]rule 1 permit source 10.110.100.52 0
[SW5500-acl-baisc-2000]rule 2 permit source 10.110.100.46 0
[SW5500-acl-baisc-2000]quit
2 Import the ACL.
[SW5500]snmp-agent community read 3Com acl 2000
[SW5500]snmp-agent group v2c 3Comgroup acl 2000
[SW5500]snmp-agent usm-user v2c 3Comuser 3Comgroup acl 2000
The Switch 5500 Family supports the remote management through the Web
interface. The users can access the Switch through HTTP. Controlling such users with
ACL can help filter the illegal users and prevent them from accessing the local Switch.
After configuring ACL control over these users, the Switch allows only one Web user
to access the Ethernet Switch at one time.
Take the following steps to control the HTTP users with ACL.
1 Defining ACL

2 Calling ACL to control HTTP users

The follow section introduces the configuration procedures.
You can only call the numbered basic ACL, ranging from 2000 to 2999, to implement
ACL control function. Use the same configuration commands introduced in the last
section.
To control the Web network management users with ACL, call the defined ACL.
You can use the following commands to call an ACL. Perform the following
configuration in System View.
Internet
Switch
ACL Control Configuration 379