Manualshelf

3Com Switch 4200G Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
221222223224225226227228229230
ACL Configuration Examples 211
Configuration procedure
Only the commands related to the ACL configuration are listed below.
1 Define a time range that contain a periodic time section from 8:00 to 18:00.
<S4200G> system-view
[4200G] time-range test 8:00 to 18:00 working-day
2 Define an ACL on traffic to the wage server. Enter advanced ACL view of ACL 3000.
[4200G] acl number 3000
3 Define an ACL rule for access to the wage server by other departments.
[4200G-acl-adv-3000] rule 1 deny ip source any destination 129.110.1.2
0.0.0.0 time-range test
[4200G-acl-adv-3000] quit
4 Apply the ACL on the port. Apply ACL 3000 on the port.
[4200G] interface gigabitethernet1/0/1
[4200G-GigabitEthernet1/0/1] packet-filter inbound ip-group 3000
Basic ACL Configuration
Example
Network requirements
Through basic ACL configuration, packets from the host with the source IP address of
10.1.1.1 (the host is connected to the switch through Ethernet1/0/1) are to be filtered
within the time range from 8:00 to 18:00 everyday.
Network diagram
Figure 62 Network diagram for basic ACL configuration
Configuration procedure
Only the commands related to the ACL configuration are listed below.
1 Define the time range. Define the time range from 8:00 to 18:00.
<S4200G> system-view
[4200G] time-range test 8:00 to 18:00 daily
2 Define an ACL for packets with the source IP address of 10.1.1.1 Enter basic ACL view
of ACL 2000.
[4200G] acl number 2000
3 Define an access rule for the source IP address of 10.1.1.1
[4200G-acl-basic-2000] rule 1 deny source 10.1.1.1 0 time-range test
[4200G-acl-basic-2000] quit
4 Apply the ACL on the port. 1Apply ACL 2000 on the port.
[4200G] interface gigabitethernet1/0/1
[4200G-GigabitEthernet1/0/1] packet-filter inbound ip-group 2000