80 CHAPTER 8: CONTROLLING LOGIN USERS
You need to perform the following two operations to control Web users by source
IP addresses.
■ Defining an ACL
■ Applying the ACL to control Web users
Prerequisites The controlling policy against Web users is determined, including the source IP
addresses to be controlled and the controlling actions (permitting or denying).
Controlling Web Users
by Source IP Addresses
Controlling Web users by source IP addresses is achieved by applying basic ACLs,
which are numbered from 2000 to 2999.
Disconnecting a Web
User by Force
The administrator can disconnect a Web user by force using the related command.
Configuration Example Network requirements
Only the users sourced from the IP address of 10.110.100.52 are permitted to
access the switch.
Network diagram
Figure 24 Network diagram for controlling Web users using ACLs
To do… Use the command… Remarks
Enter system view system-view -
Create a basic ACL or
enter basic ACL view
acl number acl-number
[ match-order { config | auto }]
As for the acl number
command, the config
keyword is specified by
default.
Define rules for the ACL rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard |
any } | time-range time-name |
fragment | logging ]*
Required
Quit to system view quit -
Apply the ACL to
control Web users
ip http acl acl-number Optional
To do… Use the command… Remarks
Disconnect a Web user by
force
free web-users { all | user-id
user-id | user-name
user-name }
Required
Execute this command in user
view.
Switch
10.110.100.46
Host A
IP network
Host B
10.110.100.52
To Next Page
Loading...
