Configuration procedure, Ipv6 acl configuration example, Network requirements – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

11

Figure 1 Network diagram

Configuration procedure

1.

Create a periodic time range from 8:00 to 18:00 on working days.

<AC> system-view

[AC] time-range trname 8:00 to 18:00 working-day

2.

Define an ACL to control access to the salary server:
# Create an advanced IPv4 ACL numbered 3000 and enter its view.

[AC] acl number 3000

# Create a rule to permit packets to the salary server in the time range.

[AC-acl-adv-3000] rule 0 permit ip source any destination 192.168.1.2 0.0.0.0

time-range trname

[AC-acl-adv-3000] quit

3.

Apply the ACL:
# Apply IPv4 ACL 3000 to filter incoming packets on interface WLAN-ESS 1.

[AC] traffic classifier test

[AC-classifier-test] if-match acl 3000

[AC-classifier-test] quit

[AC] traffic behavior test

[AC-behavior-test] filter deny

[AC-behavior-test] quit

[AC] qos policy test

[AC-qospolicy-test] classifier test behavior test

[AC-qospolicy-test] quit

[AC] interface WLAN-ESS 1

[AC-WLAN-ESS1] qos apply policy test inbound

IPv6 ACL configuration example

Network requirements

Perform IPv6 packet filtering in the inbound direction of interface WLAN-ESS 1 to deny all IPv6 packets

but those with source addresses in the range 4050::9000 to 4050::90FF.

AC

GE 1/0/1

Server

192.168.1.2

IP network

AP 1

AP 2

Client A

Client B