R3204P16-HP Load Balancing Module System Management Configuration Guide-6PW101
85
Configuring source IP-based login control over web users
Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source
IP-based login control over web users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see Security Configuration Guide.
Follow these steps to configure source IP-based login control over web users:
To do… Use the command…
Remarks
Enter system view system-view —
Create a basic ACL and enter
its view, or enter the view of an
existing basic ACL
acl number acl-number [ match-order
{ config | auto } ]
Required
By default, no basic ACL exists.
Create rules for this ACL
rule [ rule-id ] { permit | deny } [ source
{ sour-addr sour-wildcard | any } |
time-range time-name | fragment |
logging ]*
Required
Exit the basic ACL view
quit —
Associate the HTTP service with
the ACL
ip http acl acl-number
Required to use one command
Associate the HTTPS service
with the ACL
ip https acl acl-number
Logging off online web users
Follow the step to log off online web users:
To do… Use the command…
Remarks
Log off online web users
free web-users { all | user-id
user-id | user-name user-name }
Required
Execute the command in user interface view.
Source IP-based login control over web users configuration
example
Network requirements
As shown in Figure 48, configure the LB module to allow only web users from Host B to access.