3Com Switch 8800 Advanced Software V5 Configuration Guide
812 CHAPTER 57: IPV4 ACL CONFIGURATION
IPv4 ACL
Configuration
Examples
IPv4 ACL Configuration
Examples
Network Requirements
A company interconnects its departments through the Device. The President’s
Office uses IP address 129.111.1.2; the salary server of the Finance Department
uses IP address 129.110.1.2.
Configure an ACL to deny accesses of all departments but the President’s Office to
the salary server during office hours from 8:00 to 18:00 in working days.
Network Diagram
Configuration Procedure
1 Create a time range for office hours
# Create a periodic time range spanning 8:00 to 18:00 in working days.
<Sysname> system-view
[Sysname] time-range trname 8:00 to 18:00 working-day
2 Define an ACL to control accesses to the salary server
# Create and enter the view of ACL 3000.
[Sysname] acl number 3000
# Create a rule to control access of the President’s Office to the salary server.
[Sysname-acl-adv-3000] rule 1 permit ip source 129.111.1.2 0.0.0.0
[Sysname-acl-adv-3000] quit
# Create a rule to control accesses of other departments to the salary server.
Eth3/1/4Eth3/1/1
Eth3/1/2 Eth 3/1/3
129.111.1.2/16
129.110.1.2/16
Device
Financial department Administration department
Salary server
Presidentÿs office