75
Configuring source IP-based Web login control
Web login requests contain usernames and passwords. For security purposes, the device always
uses HTTPS to transfer Web login requests. Only users that are permitted by the following ACLs can
access the device through HTTP:
•
ACL applied to the HTTPS service.
•
ACL applied to the HTTP service.
To configure source IP-based Web login control:
Step
Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Apply a basic ACL for
Web access control.
•
ip http acl
{
acl-number
|
name acl-name
}
•
ip https acl
{
acl-number
|
name
acl-name
}
By default, no ACL is
applied to the HTTP or
HTTPS service.
Logging off online Web users
To log off online Web users, execute the following command in user view:
Task
Command
Log off online Web users.
free web-users
{
all
|
user-id user-id
|
user-name user-name
}
Configuration example
Network requirements
As shown in
, the device is an HTTP server.
Configure the device to provide HTTP service only to Host B.
Figure 17
Network diagram
Configuration procedure
# Create an ACL and configure rule 1 to permit packets sourced from Host B.
<Sysname> system-view
[Sysname] acl basic 2030 match-order config
[Sysname-acl-ipv4-basic-2030] rule 1 permit source 10.110.100.52 0
Host B
10.110.100.52
Device
IP network
Host A
10.110.100.46
Содержание FlexNetwork 10500 Series
Страница 139: ...130 Sysname display version ...