Method 1 only configures the numerical value ACL. Method 2 can
configure names and numerical value ACL and specify the priorities of
table entries (in the devices that support ACE priority levels).
Showing IP ACL
To monitor access lists, run the following command the in privileged user mode:
Ruijie# show access-lists [ id | name ]
This command can be used to view the basic access list.
IP ACL Example
Configuration requirements:
There are two devices Switch A and Switch B, as shown in Figure 3:
Figure-3 Basic Access List Example
It is required to implement the following security functions by configuring access lists on Switch B.
1. Hosts at the 192.168.12.0/24 network section can only access the remote UNIX host TELNET
service during the normal working time period and deny the PING service.
2. On the Switch B console, access to any of the services of hosts at the 192.168.202.0/24
network section is denied.
The above case simplifies the application in the bank system. Namely, it only
allows the hosts on the Local Area Network of branches or savings agencies
to access the central host and disallows accessing the central host on the
device.
To Next Page
Loading...
