3com WX4400 3CRWX440095A Manual De Usuario
![3com](https://files.manualsbrain.com/attachments/960452ff43b9899cbcffced60c87abf956e7967a/common/fit/150/50/f6ac125d7af2cf40fec58935fa6d4bf71457a57efe50bee91208a434f325/brand_logo.jpeg)
set location policy
259
When applying security ACLs:
Use inacl inacl-name to filter traffic that enters the WX from users via a
MAP access port or wired authentication port, or from the network via a
network port.
MAP access port or wired authentication port, or from the network via a
network port.
Use outacl outacl-name to filter traffic sent from the switch to users via a
MAP access port or wired authentication port, or from the network via a
network port.
MAP access port or wired authentication port, or from the network via a
network port.
You can optionally add the suffixes .in and .out to inacl-name and
outacl-name so that they match the names of security ACLs stored in the
local WX database.
outacl-name so that they match the names of security ACLs stored in the
local WX database.
Examples — The following command denies network access to all users
at *.theirfirm.com, causing them to fail authorization:
at *.theirfirm.com, causing them to fail authorization:
WX4400# set location policy deny if user eq *.theirfirm.com
The following command authorizes access to the guest_1 VLAN for all
users who are not at *.wodefirm.com:
users who are not at *.wodefirm.com:
WX4400# set location policy permit vlan guest_1 if user neq
*.wodefirm.com
The following command authorizes users at *.ny.ourfirm.com to access
the bld4.tac VLAN instead, and applies the security ACL tac_24 to the
traffic they receive:
the bld4.tac VLAN instead, and applies the security ACL tac_24 to the
traffic they receive:
WX4400# set location policy permit vlan bld4.tac
outacl tac_24 if user eq *.ny.ourfirm.com
The following command authorizes access to users on VLANs with names
matching bld4.* and applies security ACLs svcs_2 to the traffic they send
and svcs_3 to the traffic they receive:
matching bld4.* and applies security ACLs svcs_2 to the traffic they send
and svcs_3 to the traffic they receive:
WX4400# set location policy permit inacl svcs_2 outacl svcs_3
if vlan eq bldg4.*
The following command authorizes users entering the network on WX
ports 1 and 2 to use the floor2 VLAN, overriding any settings from AAA:
ports 1 and 2 to use the floor2 VLAN, overriding any settings from AAA:
WX4400# set location policy permit vlan floor2 if port 1-2