Manualshelf

3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
71727374757677787980
Controlling Network Management Users by Source IP Addresses 77
Defining an ACL
Applying the ACL to control users accessing the switch through SNMP
Prerequisites The controlling policy against network management users is determined, including
the source IP addresses to be controlled and the controlling actions (permitting or
denying).
Controlling Network
Management Users by
Source IP Addresses
Controlling network management users by source IP addresses is achieved by
applying basic ACLs, which are numbered from 2000 to 2999. For defining an
ACL, refer to the ACL part of the operation manual.
n
You can specify different ACLs while configuring the SNMP community name, the
SNMP group name, and the SNMP user name.
Table 34 Control network management users by source IP addresses
Operation Command Description
Enter system view system-view -
Create a basic ACL or enter
basic ACL view
acl { number acl-number |
name acl-name basic } [
match-order { config | auto
} ]
As for the acl number
command, the config
keyword is specified by
default.
Define rules for the ACL
rule [ rule-id ] { permit | deny
} [ source { source-addr
wildcard | any } | fragment |
time-range time-name ]*
Required
Quit to system view quit -
Apply the ACL while
configuring the SNMP
community name
snmp-agent community {
read | write }
community-name [ [
mib-view view-name ] | [ acl
acl-number ] ]*
Optional
By default, SNMPv1 and
SNMPv2c use community
name to access.
Apply the ACL while
configuring the SNMP group
name
snmp-agent group { v1 | v2c
} group-name [ read-view
read-view ] [ write-view
write-view ] [ notify-view
notify-view ] [ acl acl-number
]
snmp-agent group v3
group-name [
authentication | privacy ] [
read-view read-view ] [
write-view write-view ] [
notify-view notify-view ] [
acl acl-number ]
Optional
By default, the authentication
mode and the encryption
mode are configured as none
for the group.
Apply the ACL while
configuring the SNMP user
name
snmp-agent usm-user { v1 |
v2c } user-name group-name [
acl acl-number ]
snmp-agent usm-user v3
user-name group-name [
authentication-mode { md5
| sha } auth-password [
privacy-mode des56
priv-password ] [ acl
acl-number ]
Optional