3com WX2200 3CRWX220095A Manual De Usuario
Security ACL Configuration Scenario
411
4 To map acl-99 to port 6 to filter incoming packets, type the following
command:
WX1200# set security acl map acl-99 port 6 in
mapping configuration accepted
mapping configuration accepted
Because every security ACL includes an implicit rule denying all traffic that
is not permitted, port 6 now accepts packets only from 192.168.1.1, and
denies all other packets.
is not permitted, port 6 now accepts packets only from 192.168.1.1, and
denies all other packets.
5 To map acl-99 to user Natasha’s sessions when you are using the local WX
database for authentication, configure Natasha in the database with the
Filter-Id attribute. Type the following commands:
Filter-Id attribute. Type the following commands:
WX1200# set authentication dot1x Natasha local
success: change accepted.
WX1200# set user natasha attr filter-id acl-99.in
success: change accepted.
success: change accepted.
WX1200# set user natasha attr filter-id acl-99.in
success: change accepted.
6 Alternatively, you can map acl-99 to Natasha’s sessions when you are
using a remote RADIUS server for authentication. To configure Natasha
for pass-through authentication to the RADIUS server shorebirds, type the
following command:
for pass-through authentication to the RADIUS server shorebirds, type the
following command:
WX1200# set authentication dot1x Natasha pass-through
shorebirds
success: change accepted.
shorebirds
success: change accepted.
You must then map the security ACL to Natasha’s session in RADIUS. For
instructions, see the documentation for your RADIUS server.
instructions, see the documentation for your RADIUS server.
7 To save your configuration, type the following command:
WX1200# save config
success: configuration saved.
success: configuration saved.