Configuration example, Network requirements – H3C Technologies H3C S5120 Series Switches User Manual

7-5

To do…

Use the command…

Remarks

Create a basic ACL or enter
basic ACL view

acl number

acl-number

[ match-order { config |
auto } ]

As for the acl number
command, the config keyword
is specified by default.

Define rules for the ACL

rule [ rule-id ] { permit | deny }
[

source

{ sour-addr

sour-wildcard | any

} |

time-range

time-name

|

fragment | logging ]*

Required

Quit to system view

quit

—

Apply the ACL while configuring
the SNMP community name

snmp-agent community
{

read | write }

community-name [ mib-view
view-name | acl acl-number ]*

Apply the ACL while configuring
the SNMP group name

snmp-agent group { v1 | v2c }
group-name

[ read-view

read-view

] [ write-view

write-view ] [ notify-view
notify-view ] [ acl acl-number ]

snmp-agent group

v3

group-name [ authentication |
privacy ] [ read-view
read-view

] [ write-view

write-view ] [ notify-view
notify-view ] [ acl acl-number ]

Apply the ACL while configuring
the SNMP user name

snmp-agent usm-user { v1 |
v2c } user-name group-name
[ acl acl-number ]

snmp-agent usm-user

v3

user-name

group-name

[ [ cipher ]
authentication-mode { md5 |
sha } auth-password
[ privacy-mode { aes128 |
des56 } priv-password ] ] [ acl
acl-number ]

Required

According to the SNMP version
and configuration customs of
NMS users, you can reference
an ACL when configuring
community name, group name
or username. For the detailed
configuration, refer to SNMP
Configuration.

Configuration Example

Network requirements

Only SNMP users sourced from the IP addresses of 10.110.100.52 and 10.110.100.46 are permitted to

access the switch.