156 CHAPTER 7: QOS/ OPERATION
Define the work time range:
1 Set the time range 8:00 to 18:00.
[SW7750] time-range 3com 8:00 to 18:00 working day
Define the ACL to access the payment server:
1 Enter the name of the advanced ACL, named traffic-of-payserver.
[SW7750]acl name traffic-of-payserver advanced match-order config
2 Set the rules for other department to access the payment server.
[SW7750-acl-adv-traffic-of-payserver]rule 1 deny ip source any
destination 129.110.1.2 0.0.0.0 time-range 3com
3 Set the rules for the Office of President to access the payment server.
[SW7750-acl-adv-traffic-of-payserver]rule 2 permit ip source
129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0
Activate ACL:
1 Activate the traffic-of-payserver ACL .
[SW7750-Ethernet2/0/1]qos
[SW7750-qoss-Ethernet2/0/1]packet-filter inbound ip-group
traffic-of-payserver
Basic ACL Using basic ACL, filter the packet with source IP address 10.1.1.1 between 8:00
and 18:00 every day. The host connects to port Ethernet2/0/1 of the switch.
Figure 38 Access Control Configuration Example
In the following configurations, only the commands related to ACL configurations
are listed.
1 Define the time range
Define time range 8:00 to 18:00.
[SW7750]time-range 3com 8:00 to 18:00 daily
2 Select ACL mode
Select ip-based ACL mode.
[SW7750]acl mode ip-based
3 Define the ACL for packet with source IP address 10.1.1.1.
Enter the named basic ACL, named as traffic-of-host.
[SW7750]acl name traffic-of-host basic
Switch
#1
connect to Router