To Next Page

To Previous Page

ZXR108900SeriesUserManual(BasicCongurationVolume)

ACLConfigurationExample

AcompanyhasanEthernetswitch,towhichusersofbothAand

Bdepartmentandserversareconnected.ThisisshowninFigure

26.Therelevantprovisionsareasfollows:

�UsersofbothAandBdepartmentareforbiddentoaccessthe

FTPserverandtheVODserverinworktime(9:00–17:00),but

canaccesstheMailserveratanytime.

�InternaluserscanaccesstheInternetthroughproxy

192.168.3.100,butusersofdepartmentAareforbiddento

accesstheInternetinworktime.

�GeneralManagersofbothAandBdepartment(withtheirIP

addressesas192.168.1.100and192.168.2.100respectively)

mayaccesstheInternetandallserversatanytime.

TheIPaddressesoftheserversareasfollows:

�Mailserver:192.168.4.50

�FTPserver:192.168.4.60

�VODserver:192.168.4.70

FIGURE26ACLCONFIGURATIONEXAMPLE

Switchconguration:

/*Configureatimerange*/

ZXR10(config)#time-rangeenable

ZXR10(config)#time-rangeworking-time

ZXR10(config-tr)#periodicdaily09:00:00to17:00:00

/*DefineanextendedACLtolimittheusersofDepartmentA*/

ZXR10(config)#aclextendnumber100

ZXR10(config-ext-acl)#rule1permitip192.168.1.1000.0.0.0any

ZXR10(config-ext-acl)#rule2denyip192.168.1.00.0.0.255192

168.4.600.0.0.0time-rangeworking-time

ZXR10(config-ext-acl)#rule3denytcpanyeq8888

88CondentialandProprietaryInformationofZTECORPORATION

Zte ZXR10 8900 Series User Manual

Other manuals for Zte ZXR10 8900 Series