3 configuration example, I. network requirements, Ii. network diagram – H3C Technologies H3C S3100 Series Switches User Manual
Page 88: Iii. configuration procedure, 4 controlling web users by source ip address, 3 configuration example -7, 4 controlling web users by source ip address -7, 4 “controlling web, Users by source ip address
Operation Manual – Login
H3C S3100-52P Ethernet Switch
Chapter 8 User Control
8-7
systems that adopt SNMPv2c or higher SNMP versions. If you specify ACLs in the
commands, the network management users are filtered by the SNMP group name and
SNMP user name.
8.3.3 Configuration Example
I. Network requirements
Only SNMP users sourced from the IP addresses of 10.110.100.52 and 10.110.100.46
are permitted to access the switch.
II. Network diagram
Internet
Sw itch
Internet
Sw itch
s
Figure 8-2
Network diagram for controlling SNMP users using ACL
III. Configuration procedure
# Define a basic ACL.
[H3C] acl number 2000 match-order config
[H3C-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[H3C-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[H3C-acl-basic-2000] rule 3 deny source any
[H3C-acl-basic-2000] quit
# Apply the ACL to only permit SNMP users sourced from the IP addresses of
10.110.100.52 and 10.110.100.46 to access the switch.
[H3C] snmp-agent community read aaa acl 2000
[H3C] snmp-agent group v2c groupa acl 2000
[H3C] snmp-agent usm-user v2c usera groupa acl 2000
8.4 Controlling Web Users by Source IP Address
You can manage an S3100-52P Ethernet switch remotely through Web. Web users can
access a switch through HTTP connections.