3com 4210 PWR 9-Port 3CR17341-91-ME 用户手册
产品代码
3CR17341-91-ME
64
C
HAPTER
2: L
OGGING
INTO
AN
E
THERNET
S
WITCH
ACLs in the commands, the network management users are filtered by the SNMP
group name and SNMP user name.
group name and SNMP user name.
Configuration Example
Network requirements
Only SNMP users sourced from the IP addresses of 10.110.100.52 are permitted to
log into the switch.
log into the switch.
Network diagram
Figure 27 Network diagram for controlling SNMP users using ACLs
Configuration procedure
# Define a basic ACL.
<4210> system-view
[4210] acl number 2000
[4210-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[4210-acl-basic-2000] quit
# Apply the ACL to only permit SNMP users sourced from the IP addresses of
10.110.100.52 to access the switch.
10.110.100.52 to access the switch.
[4210] snmp-agent community read aaa acl 2000
[4210] snmp-agent group v2c groupa acl 2000
[4210] snmp-agent usm-user v2c usera groupa acl 2000
Controlling Web Users
by Source IP Address
You can manage a Switch 4210 remotely through Web. Web users can access a
switch through HTTP connections.
switch through HTTP connections.
You need to perform the following two operations to control Web users by source
IP addresses.
IP addresses.
■
Defining an ACL
■
Applying the ACL to control Web users
Prerequisites
The controlling policy against Web users is determined, including the source IP
addresses to be controlled and the controlling actions (permitting or denying).
addresses to be controlled and the controlling actions (permitting or denying).
Controlling Web Users by Source IP Addresses
Controlling Web users by source IP addresses is achieved by applying basic ACLs,
which are numbered from 2000 to 2999.
which are numbered from 2000 to 2999.
Switch
PC
10.110.100.52
Internet