ACL Control Configuration 379Configuration Example Networking RequirementOnly SNMP users from 10.110.100.52 and 10.110.100.46 can access the Switch.Networking DiagramFigure 99 ACL Configuration for SNMP UsersConfiguration Procedure1 Define a basic ACL.[SW5500]acl number 2000 match-order config[SW5500-acl-baisc-2000]rule 1 permit source 10.110.100.52 0[SW5500-acl-baisc-2000]rule 2 permit source 10.110.100.46 0[SW5500-acl-baisc-2000]quit2 Import the ACL.[SW5500]snmp-agent community read 3Com acl 2000[SW5500]snmp-agent group v2c 3Comgroup acl 2000[SW5500]snmp-agent usm-user v2c 3Comuser 3Comgroup acl 2000Configuring ACL Controlover the HTTP UsersThe Switch 5500 Family supports the remote management through the Webinterface. The users can access the Switch through HTTP. Controlling such users withACL can help filter the illegal users and prevent them from accessing the local Switch.After configuring ACL control over these users, the Switch allows only one Web userto access the Ethernet Switch at one time.Take the following steps to control the HTTP users with ACL.1 Defining ACL2 Calling ACL to control HTTP usersThe follow section introduces the configuration procedures.Defining ACL You can only call the numbered basic ACL, ranging from 2000 to 2999, to implementACL control function. Use the same configuration commands introduced in the lastsection.Calling ACL to ControlHTTP UsersTo control the Web network management users with ACL, call the defined ACL.You can use the following commands to call an ACL. Perform the followingconfiguration in System View.InternetSwitch
