3Com WX2200 3CRWX220095A Switch User Manual


 
Security ACL Configuration Scenario 411
4 To map acl-99 to port 6 to filter incoming packets, type the following
command:
WX1200# set security acl map acl-99 port 6 in
mapping configuration accepted
Because every security ACL includes an implicit rule denying all traffic that
is not permitted, port 6 now accepts packets only from 192.168.1.1, and
denies all other packets.
5 To map acl-99 to user Natasha’s sessions when you are using the local WX
database for authentication, configure Natasha in the database with the
Filter-Id attribute. Type the following commands:
WX1200# set authentication dot1x Natasha local
success: change accepted.
WX1200# set user natasha attr filter-id acl-99.in
success: change accepted.
6 Alternatively, you can map acl-99 to Natasha’s sessions when you are
using a remote RADIUS server for authentication. To configure Natasha
for pass-through authentication to the RADIUS server shorebirds, type the
following command:
WX1200# set authentication dot1x Natasha pass-through
shorebirds
success: change accepted.
You must then map the security ACL to Natasha’s session in RADIUS. For
instructions, see the documentation for your RADIUS server.
7 To save your configuration, type the following command:
WX1200# save config
success: configuration saved.