9
1. Enter system view.
system-view N/A
2. Create a Layer 2 ACL and
enter its view.
acl mac
{ acl-number |
name
acl-name } [
match-order
{
auto
|
config
} ]
By default, no ACL exists.
The value range for a numbered
Layer 2 ACL is 4000 to 4999.
Use the
acl mac
acl-number
command to enter the view of a
numbered Layer 2 ACL.
Use the
acl mac name
acl-name
command to enter the view of a
named Layer 2 ACL.
3. (Optional.) Configure a
description for the Layer 2
ACL.
description
text
By default, a Layer 2 ACL does
not have a description.
4. (Optional.) Set the rule
numbering step.
step
step-value
By default, the rule numbering
step is 5 and the start rule ID is 0.
5. Create or edit a rule.
rule
[ rule-id ] {
deny
|
permit
}
[
cos
vlan-pri |
dest-mac
dest-address dest-mask | {
lsap
lsap-type lsap-type-mask |
type
protocol-type
protocol-type-mask } |
source-mac
source-address
source-mask |
time-range
time-range-name ] *
By default
,
a Layer 2 ACL does
not contain any rules.
6. (Optional.) Add or edit a rule
comment.
rule
rule-id
comment
text
By default, no rule comment is
configured.
Configuring a WLAN client ACL
WLAN client ACLs match packets based on t he SSID that the WLAN clients use to access the
WLAN. You can use WLAN client ACLs to perform access control on WLAN clients.
To configure a WLAN client ACL:
1. Enter system view.
system-view N/A
2. Create a WLAN client ACL
and enter its view.
acl wlan client
{ acl-number |
name
acl-name }
By default, no ACL exists.
The value range for a numbered WLAN
client ACL is 100 to 199.
Use the
acl wlan client
acl-number
command to enter the view of a
numbered WLAN client ACL.
Use the
acl wlan client name
acl-name command to enter the view of
a named WLAN client ACL.
3. (Optional.) Configure a
description for the WLAN
client ACL.
description
text
By default, a WLAN client ACL does not
have a description.
4. (Optional.) Set the rule
numbering step.
step
step-value
By default, the rule numbering step is 5
and the start rule ID is 0.
To Next Page
Loading...
