Operation Manual - QoS/ACL
Quidway S6500 Series Ethernet Switches Chapter 3 ACL Configuration
Huawei Technologies Proprietary
3-4
3.3 Configuring ACL for SNMP Users
Huawei Quidway series Ethernet switches support remote network management (NM)
and the user can use SNMP to access them. Proper ACL configuration can prevent
illegal users from logging onto the switches.
Two steps are included in this configuration:
1) Define an ACL
2) Import the ACL to control SNMP users
3.3.1 Defining ACL
Currently only number-based ACLs can be imported, with the number ranging from
2000 to 2999. See
3.3.1 Defining ACL for detailed configuration.
3.3.2 Importing ACL
Import the defined ACL into the commands with SNMP community, username and
group name configured, to achieve ACL control over SNMP users.
Please perform the following configurations in system view.
Table 3-4 Importing ACL
Operation Command
Import the defined
ACL into the
commands with
SNMP community
configured
snmp-agent community { read | write } community-name
[ [ mib-view view-name ] | [ acl acl-number ] ]*
Import the defined
ACL into the
commands with
SNMP group name
configured
snmp-agent group { v1 | v2c } group-name [ read-view
read-view ] [ write-view write-view ] [ notify-view
notify-view ] [ acl acl-number ]
snmp-agent group v3 group-name [ authentication |
privacy ] [ read-view read-view ] [ write-view write-view ]
[ notify-view notify-view ] [ acl acl-number ]
Import the defined
ACL into the
commands with
SNMP username
configured
snmp-agent usm-user { v1 | v2c } user-name group-name
[ acl acl-number ]
snmp-agent usm-user v3 user-name group-name
[ authentication-mode { md5 | sha } auth-password
privacy-mode des56 priv-password
] [ acl acl-number ]
SNMP community is one of the features of SNMP v1 and SNMP v2, so you import the
ACL into the commands with SNMP community configured, for the SNMP V1 and
SNMP V2.