3com 5500-SI Manual Do Utilizador

C

HAPTER

 20: C

ONFIGURATION

 

FOR

 Q

O

S F

EATURES

This configuration can be implemented by means of Layer 2 ACL, which ranges from 
4000 to 4999. For the definition of ACL, refer to ACL part.

Only Telnet users from 10.110.100.52 and 10.110.100.46 can access the switch.

Figure 103   Perform ACL control over Telnet users of the switch

1 Define the basic ACL.

[S5500] acl number 2000 match-order config

[S5500-acl-basic-2000] rule 1 permit source 10.110.100.52 0

[S5500-acl-basic-2000] rule 2 permit source 10.110.100.46 0

[S5500-acl-basic-2000] rule 3 deny source any

[S5500-acl-basic-2000] quit

2 Reference an ACL.

[S5500] user-interface vty 0 4

[S5500-ui-vty0-4] acl 2000 inbound

Table 411   Control Telnet using Source MAC

Enter system view

system-view

—

Create or enter Layer 2 ACL 
view

acl number acl-number 

—

Define the subset principle

rule [ rule-id ] { permit | deny } [ 
[ type protocol-type type-mask | 
lsap lsap-type type-mask ] | 
format-type | cos cos | source { 
source-vlan-id | source-mac-addr 
source-mac-mask }* | dest { 
dest-mac-addr dest-mac-mask } | 
time-range name ]*

Required.
Users can configure the 
filtering rules for the related 
source MAC based on actual 
requirements.

Exit ACL view

quit

—

Enter user interface view

user-interface [ type ] 
first-number [ last-number ]

—

Reference an ACL, and 
control Telnet using source 
MAC

acl acl-number { inbound | 
outbound }

Required.
inbound: Perform ACL control 
over users Telnetting to the 
local switch.

outbound: Performs ACL 
control over users Telnetting to 
other switches from the local 
switch.

Internet

Switch