Network requirements – H3C Technologies H3C S7500E Series Switches User Manual

5-5

To do…

Use the command…

Remarks

Create a basic ACL and enter its

view, or enter the view of an

existing basic ACL

acl [ ipv6 ] number acl-number

[ match-order { config | auto } ]

Required

By default, no basic ACL exists.

Create rules for this ACL

rule [ rule-id ] { permit | deny }

[ source { sour-addr sour-wildcard

| any } | time-range time-name |

fragment | logging ]*

Required

Exit the basic ACL view

quit

—

Associate this SNMP community

with the ACL

snmp-agent community { read |

write } community-name [ acl

acl-number | mib-view

view-name ]*

Associate the SNMP group with

the ACL

snmp-agent group { v1 | v2c }

group-name [ read-view

read-view ] [ write-view

write-view ] [ notify-view

notify-view ] [ acl acl-number ]

snmp-agent group v3

group-name [ authentication |

privacy ] [ read-view read-view ]

[ write-view write-view ]

[ notify-view notify-view ] [ acl

acl-number ]

Associate the user with the ACL

snmp-agent usm-user { v1 | v2c }

user-name group-name [ acl

acl-number ]

snmp-agent usm-user v3

user-name group-name [ [ cipher ]

authentication-mode { md5 |

sha } auth-password

[ privacy-mode { 3des | aes128 |

des56 } priv-password ] ] [ acl

acl-number ]

Required

You can associate the ACL when

creating the community, the SNMP

group, and the user.

For more information about SNMP,

see SNMP Configuration in the

Network Management and

Monitoring Configuration Guide.

Source IP-Based Login Control Over NMS Users Configuration Example

Network requirements

As shown in

Figure 5-2

, configure the device to allow only NMS users from Host A and Host B to

access.