Configuring Acl Control For Snmp Users - 3Com Switch 7700 Configuration Manual

Configuring ACL Control
for SNMP Users
Figure 12 Control TELNET User With ACL
Internet
Switch
Use the following commands to control TELNET users with ACL.
1 Define the basic ACLs.
[SW7700]acl number 2000 match-order config
[SW7700-acl-basic-2000]rule 1 permit source 10.110.100.52 0
[SW7700-acl-basic-2000]rule 2 permit source 10.110.100.46 0
[SW7700-acl-basic-2000]quit
2 Call an ACL.
[SW7700]user-interface vty 0 4
[SW7700-user-interface-vty0-4]acl 2000 inbound
The Switch 7700 supports remote management with the network management
software. The network management users can access the switch with SNMP.
Controlling such users with an ACL can filter the illegal network management
users, and prevent them from accessing the local switch.
The steps to control SNMP users with ACL are described in the following sections:
Defining an ACL
■
Importing an ACL to Control SNMP Users
■
Defining an ACL
To implement the ACL control function, you can only call the numbered basic ACL,
ranging from 2000 to 2999. Use the configuration commands introduced in
"Configuring ACL Control for TELNET Users".
Importing an ACL to Control SNMP Users
To control network management users with an ACL, import the defined ACL when
configuring the SNMP community name, username, and group name.
Perform the following configuration in system view.
Table 28 Define a Numbered Basic ACL
Operation
Import an ACL when configuring the SNMP
community name
Configuring ACL Control
Command
snmp-agent community { read | write }
community-name [ [ mib-view view-name ] | [
acl acl-number ] ]*
259