Acl Assignment Configuration Example - HP FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Configuration manual (512 pages) ,
- Specifications (42 pages) ,
- Datasheet (20 pages)
Table of Contents
Advertisement
MAC authentication
Carry User-IP
Authentication domain
Auth-delay timer
Re-auth server-unreachable : Logoff
Guest VLAN
Guest VLAN auth-period
Critical VLAN
Critical voice VLAN
Host mode
Offline detection
Authentication order
Max online users
Authentication attempts
Current online users
MAC address
00e0-fc12-3456
ACL assignment configuration example
Network requirements
As shown in
•
Use RADIUS servers to perform authentication, authorization, and accounting for users.
•
Perform MAC authentication on GigabitEthernet 1/0/1 to control Internet access.
•
Use MAC-based user accounts for MAC authentication users. Each MAC address is in the
hexadecimal notation with hyphens, and letters are in lower case.
•
Use an ACL to deny authenticated users to access the FTP server at 10.0.0.1.
Figure 44 Network diagram
Configuration procedure
Make sure the RADIUS servers and the access device can reach each other.
1.
Configure ACL 3000 to deny packets destined for 10.0.0.1.
<Device> system-view
[Device] acl number 3000
[Device-acl-adv-3000] rule 0 deny ip destination 10.0.0.1 0
[Device-acl-adv-3000] quit
: Enabled
: Disabled
: Not configured
: Disabled
: Not configured
: 30 s
: Not configured
: Disabled
: Single VLAN
: Enabled
: Default
: 4294967295
: successful 1, failed 0
: 0
Auth state
Authenticated
Figure
44, configure the device to meet the following requirements:
131
Advertisement
Table of Contents
Troubleshooting
