R2511-HP MSR Router Series Fundamentals Command Reference(V5)
34
Parameters
acl-number: ACL number. The value ranges are as follows:
• WLAN ACL—100 to 199. WLAN ACLs are not supported on MSR50 routers that use MPU-G2 cards
and MSR93X(except JG512A, JG519A and JG597A) routers.
• Basic IPv4 ACL—2000 to 2999.
Usage guidelines
This command is not available in FIPS mode.
After the HTTP service is associated with an ACL, only the clients permitted by the ACL can access the
device through HTTP.
The HTTP service can be associated with a WLAN ACL and a basic ACL, and the two types of ACLs will
not overwrite each other. However, ACLs of the same type will overwrite each other. If you execute the ip
http acl command multiple times to associate the HTTP service with the same type of ACLs, the HTTP
service is only associated with the ACL specified most recently.
When the HTTP service is associated with a WLAN ACL, the HTTP service uses this ACL to filter wireless
clients only, and does not filter wired clients with this ACL.
Examples
# Associate the HTTP service with ACL 100 to allow only the wireless client with the SSID user-ssid-name
to access the device through HTTP.
<Sysname> system-view
[Sysname] acl number 100
[Sysname-acl-wlan-100] rule permit ssid user-ssid-name
[Sysname-acl-wlan-100] quit
[Sysname] ip http acl 100
# Associate the HTTP service with ACL 2001 to only allow the clients within the 10.10.0.0/16 network to
access the device through HTTP.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ip http acl 2001
Related commands
• display ip http
• acl number (ACL and QoS Command Reference)
ip http enable
Use ip http enable to enable the HTTP service.
Use undo ip http enable to disable the HTTP service.
Syntax
ip http enable
undo ip http enable