236 CHAPTER 7: QOS/ACL OPERATION
Figure 15 Networking for QoS Configuration
1 Define the time range from 8:00 to 18:00.
[SW8800]time-range 3com 8:00 to 18:00 daily
2 Define the traffic from PC1.
Define ACL rule for the traffic from PC1.
[SW8800]acl number 2000
[SW8800-acl-basic-2000]rule 0 permit source 1.0.0.1 0.0.0.0
time-range 3com
3 Count the packets to PC1 and display the result using the display command.
[SW8800-GigabitEthernet7/1/1]traffic-statistic inbound ip-group 2000
rule 0
[SW8800]display qos-interface GigabitEthernet7/1/1 traffic-statistic
Configuring Logon
User ACL Control
As switches are used more and more widely over the networks, the issue of
security becomes even more important. The switches provide several logon and
device accessing measures, mainly including TELNET access, SNMP access, and
HTTP access. The security control over the access measures is provided with the
switches to prevent illegal users from logging on to and accessing the devices.
There are two levels of security controls. At the first level, the user connection is
controlled with ACL filter and only the legal users can be connected to the switch.
At the second level, a connected user can log on to the device only if he can pass
the password authentication.
This chapter mainly introduces how to configure the first level security control over
these access measures, that is, how to configure to filter the logon users with ACL.
For detailed description about how to configure the first level security, refer to
"getting started" module of Operation Manual.
Configuring ACL for
Telnet Users
This configuration can filter out malicious or illegal connection requests before
password authentication.
Two steps are included in this configuration:
1 Define an ACL
2 Import the ACL to control Telnet users
GE7/1/8
GE7/1/1
GE7/1/2
VLAN2,
1.0.0.1/8
VLAN3,
2.0.0.1/8
PC1
PC2
GE7/1/8
GE7/1/1
GE7/1/2
VLAN2,
1.0.0.1/8
VLAN3,
2.0.0.1/8
PC1
PC2