HP 6125G HP 6125G & 6125G/XG Blade Switches Fundamentals Configuration - Page 75

Configuration procedure # Create ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to permit packets sourced from Host A. system-view [Sysname] acl number 2000 match-order config [Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0 [Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0 [Sysname-acl-basic-2000] quit # Associate the ACL with the SNMP community and the SNMP group. [Sysname] snmp-agent community read aaa acl 2000 [Sysname] snmp-agent group v2c groupa acl 2000 [Sysname] snmp-agent usm-user v2c usera groupa acl 2000 Configuring Web login control Use a basic ACL (2000 to 2999) to filter HTTP traffic by source IP address for Web login control. To access the device, a Web user must use an IP address permitted by the ACL. You can also log off suspicious Web users who have been logged in. Configuring source IP-based Web login control Step 1. Enter system view. 2. Create a basic ACL and enter its view, or enter the view of an existing basic ACL. Command system-view acl [ ipv6 ] number acl-number [ match-order { config | auto } ] Remarks N/A By default, no basic ACL exists. 3. Create rules for this ACL. rule [ rule-id ] { permit | deny } [ source { sour-addr sour-wildcard | any } | time-range time-name | fragment | logging ]* N/A 4. Exit the basic ACL view. quit N/A 5. Associate the HTTP or HTTPS • ip http acl acl-number service with the ACL. • ip https acl acl-number HTTP and HTTPS are independent of each other. Configure one or both of the commands as required. Logging off online Web users Task Log off online Web users. Command Remarks free web-users { all | user-id user-id | user-name user-name } Available in user interface view 69