Configuration procedure, Ipv6 acl configuration example, Network requirements – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 20
11
Figure 1 Network diagram
Configuration procedure
1.
Create a periodic time range from 8:00 to 18:00 on working days.
<AC> system-view
[AC] time-range trname 8:00 to 18:00 working-day
2.
Define an ACL to control access to the salary server:
# Create an advanced IPv4 ACL numbered 3000 and enter its view.
[AC] acl number 3000
# Create a rule to permit packets to the salary server in the time range.
[AC-acl-adv-3000] rule 0 permit ip source any destination 192.168.1.2 0.0.0.0
time-range trname
[AC-acl-adv-3000] quit
3.
Apply the ACL:
# Apply IPv4 ACL 3000 to filter incoming packets on interface WLAN-ESS 1.
[AC] traffic classifier test
[AC-classifier-test] if-match acl 3000
[AC-classifier-test] quit
[AC] traffic behavior test
[AC-behavior-test] filter deny
[AC-behavior-test] quit
[AC] qos policy test
[AC-qospolicy-test] classifier test behavior test
[AC-qospolicy-test] quit
[AC] interface WLAN-ESS 1
[AC-WLAN-ESS1] qos apply policy test inbound
IPv6 ACL configuration example
Network requirements
Perform IPv6 packet filtering in the inbound direction of interface WLAN-ESS 1 to deny all IPv6 packets
but those with source addresses in the range 4050::9000 to 4050::90FF.
AC
GE 1/0/1
Server
192.168.1.2
IP network
AP 1
AP 2
Client A
Client B