82
# Associate the ACL with the SNMP community and the SNMP group.
[Sysname] snmp-agent community read aaa acl 2000
[Sysname] snmp-agent group v2c groupa acl 2000
[Sysname] snmp-agent usm-user v2c usera groupa acl 2000
Configuring source IP-based login control over web
users
Log in to the web management page of the device through HTTP/HTTPS to remotely manage the devices. By
using the ACL, control web user access to the device.
Configuration preparation
Before configuration, determine the permitted or denied source IP addresses.
Configuring source IP-based login control over web users
Because basic ACLs match the source IP addresses of packets, use basic ACLs to implement source IP-based
login control over web users. Basic ACLs are numbered from 2000 to 2999. For more information about ACL,
see ACL and QoS Configuration Guide.
To configure source IP-based login control over web users:
Ste
Command
Remarks
1. Enter system view.
system-view —
2. Create a basic ACL and enter its view, or enter the
view of an existing basic ACL.
acl [ ipv6 ] number
acl-number [ match-order
{ config | auto } ]
Required.
By default, no basic
ACL exists.
3. Create rules for this ACL.
rule [ rule-id ] { permit |
deny } [ source { sour-addr
sour-wildcard | any } |
time-range time-name |
fragment | logging ]*
Required.
4. Exit the basic ACL view.
quit —
5. Associate the HTTP service with the ACL.
ip http acl acl-number
Required to use one
command.
6. Associate the HTTPS service with the ACL. ip https acl acl-number
To Next Page
Loading...
Need help?
General
