Operation Manual â ACL
H3C S3600 Series Ethernet Switches-Release 1510 Chapter 1
ACL Configuration
1-21
2) Define an ACL for filtering requests destined for the wage server.
# Create ACL 3000 or enter ACL 3000 view.
[H3C] acl number 3000
# Define an ACL rule for requests destined for the wage server.
[H3C-acl-adv-3000] rule 1 deny ip destination 192.168.1.2 255.255.255.0
time-range test
[H3C-acl-adv-3000] quit
3) Apply the ACL on the port.
# Apply ACL 3000 on the port.
[H3C] interface gigabitethernet1/1/1
[H3C-GigabitEthernet1/1/1] packet-filter inbound ip-group 3000
1.9.3 Layer 2 ACL Configuration Example
I. Network requirements
Apply an ACL on GigabitEthernet1/1/1 port to filter packets with their source MAC
addresses being 000f-e20f-0101 and destination MAC addresses being
000f-e20f-0303 from 8:00 to 18:00 everyday.
II. Network diagram
Switch
#1
To router
Switch
#1
To router
Figure 1-3 Network diagram for Layer 2 ACL configuration
III. Configuration procedure
î Note:
Only the commands related to the ACL configuration are listed below.
1) Define the time range
# Define a periodic time range that is active from 8:00 to 18:00 everyday.
<H3C> system-view
[H3C] time-range test 8:00 to 18:00 daily
To Next Page
Loading...
