Configuring source ip-based web login control, Logging off online web users – H3C Technologies H3C S12500 Series Switches User Manual
Page 51
39
Step Command
Remarks
11.
Specify a privilege level
for the local user.
authorization-attribute level level
By default, no privilege level is specified
for a local user.
12.
Authorize the local user to
use the Web service.
service-type web
By default, no service type is authorized
to a local user.
13.
Exit to system view.
quit
N/A
14.
Create a VLAN interface
and enter its view.
interface vlan-interface
vlan-interface-id
If the VLAN interface already exists, the
command enters its view.
15.
Assign an IP address and
subnet mask to the
interface.
ip address ip-address { mask |
mask-length }
By default, no IP address is assigned to
the interface.
Configuring source IP-based Web login control
Use a basic ACL (2000 to 2999) to filter HTTP traffic by source IP address for Web login control. To
access the device, a Web user must use an IP address permitted by the ACL. For more information about
ACL, see ACL and QoS Configuration Guide.
You can also log off suspicious Web users that have been logged in.
Configuring source IP-based Web login control
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create a basic ACL and enter
its view, or enter the view of
an existing basic ACL.
acl [ ipv6 ] number acl-number
[ match-order { config | auto } ]
By default, no basic ACL exists.
3.
Create rules for this ACL.
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard
| any } | time-range time-name |
fragment | logging ]*
N/A
4.
Exit the basic ACL view.
quit
N/A
5.
Associate the HTTP service
with the ACL.
ip http acl acl-number N/A
Logging off online Web users
Task Command
Remarks
Log off online Web users.
free web-users { all | user-id
user-id | user-name user-name } Available in user interface view.