Combining Access Management With Port Isolation - H3C S5100-SI Operation Manual
Ethernet switches
Hide thumbs
Also See for H3C S5100-SI:
- Operation manual (934 pages) ,
- Installation manual (104 pages) ,
- Quick start manual (78 pages)
Table of Contents
Advertisement
Disable the PCs that are not of Organization 1 (PC 2 and PC 3) from accessing the external
network through GigabitEthernet 1/0/1 of Switch A.
Network diagram
Figure 1-2 Network diagram for access management configuration
Configuration procedure
Perform the following configuration on Switch A.
# Enable access management.
<Sysname> system-view
[Sysname] am enable
# Set the IP address of VLAN-interface 1 to 202.10.20.200/24.
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ip address 202.10.20.200 24
[Sysname-Vlan-interface1] quit
# Configure the access management IP address pool on GigabitEthernet 1/0/1.
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] am ip-pool 202.10.20.1 20
Combining Access Management with Port Isolation
Network requirements
Client PCs are connected to the external network through Switch A (an Ethernet switch). The IP
addresses of the PCs of Organization 1 are in the range 202.10.20.1/24 to 202.10.20.20/24, and those
of the PCs in Organization 2 are in the range 202.10.20.25/24 to 202.10.20.50/24 and the range
202.10.20.55 to 202.10.20.65/24.
Allow the PCs of Organization 1 to access the external network through GigabitEthernet 1/0/1 of
Switch A.
1-3
Advertisement
Chapters
Table of Contents
Troubleshooting
