3com WX4400 3CRWX440095A Manual De Usuario

When applying security ACLs:

Use inacl inacl-name to filter traffic that enters the WX from users via a 
MAP access port or wired authentication port, or from the network via a 
network port. 

Use outacl outacl-name to filter traffic sent from the switch to users via a 
MAP access port or wired authentication port, or from the network via a 
network port. 

You can optionally add the suffixes .in and .out to inacl-name and 
outacl-name so that they match the names of security ACLs stored in the 
local WX database.

Examples — The following command denies network access to all users 
at *.theirfirm.com, causing them to fail authorization:

WX4400# set location policy deny if user eq *.theirfirm.com

The following command authorizes access to the guest_1 VLAN for all 
users who are not at *.wodefirm.com:

WX4400# set location policy permit vlan guest_1 if user neq 

The following command authorizes users at *.ny.ourfirm.com to access 
the bld4.tac VLAN instead, and applies the security ACL tac_24 to the 
traffic they receive:

WX4400# set location policy permit vlan bld4.tac 

The following command authorizes access to users on VLANs with names 
matching bld4.* and applies security ACLs svcs_2 to the traffic they send 
and svcs_3 to the traffic they receive:

WX4400# set location policy permit inacl svcs_2 outacl svcs_3 

The following command authorizes users entering the network on WX 
ports 1 and 2 to use the floor2 VLAN, overriding any settings from AAA:

WX4400# set location policy permit vlan floor2 if port 1-2