Acl configuration examples, Ipv4 acl configuration example, Network requirements – H3C Technologies H3C S12500 Series Switches User Manual

17

Task Command

Remarks

Clear statistics on one or all IPv6
basic and advanced ACLs.

reset acl ipv6 counter { acl6-number | all |
name acl6-name }

Available in user view.

ACL configuration examples

IMPORTANT:

By default, Ethernet, VLAN, and aggregate interfaces are down. To configure these interfaces, use the
undo shutdown command to bring them up first.

IPv4 ACL configuration example

Network requirements

A company interconnects its departments through a switch A. Configure an ACL to:

•

Permit access from the President's office at any time to the salary server.

•

Deny access from any other department to the salary server during office hours (from 8:00 to 18:00)

on working days.

Figure 1 Network diagram

Configuration procedure

1.

Create a periodic time range from 8:00 to 18:00 on working days.

system-view

[Switch] time-range trname 8:00 to 18:00 working-day

2.

Define ACLs:
# Create ACL 3000, and configure an ACL rule for it.

[Switch] acl number 3000

[Switch-acl-adv-3000] rule 1 permit ip source 129.111.1.2 0.0.0.0 destination

129.110.1.2 0.0.0.0