Access Control List example (Huawei)

Technology: Network Security
Area: ACL
Vendor: Huawei
Software: eNSP
Platform: Huawei switches and routers

An Access Control List (ACL) is a set of rules that classify packets to filter them. An ACL can contain multiple rules. A rule is identified by a rule ID, which can be set by a user or automatically generated based on the ACL step. All rules in an ACL are arranged in ascending order of rule IDs.

To configure an ACL, use the following commands (angle-bracket placeholders stand for the addresses, which are not given here):

[Huawei]interface GigabitEthernet 0/0/1
[Huawei-GigabitEthernet0/0/1]ip address <ip-address> 24
[Huawei-GigabitEthernet0/0/1]quit
[Huawei]acl 3000
[Huawei-acl-adv-3000]rule 5 permit tcp source <source-address> <source-wildcard> destination <destination-address> <destination-wildcard> destination-port eq 23
[Huawei-acl-adv-3000]rule 10 permit ip source <source-address> <source-wildcard> destination any
[Huawei-acl-adv-3000]rule 15 deny ip
[Huawei-acl-adv-3000]quit

[Huawei]display acl 3000  
Total quantity of nonempty ACL number is 2
Advanced ACL 3000, 1 rule
Acl's step is 5
rule 15 deny ip source destination 0 time-range satime(Active)
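
The following Python model is an added example, not part of the original article or of Huawei's software. It shows how step-based rule numbering and first-match evaluation in ascending rule-ID order decide the fate of a packet for an ACL shaped like the one above. The class and function names, the addresses (documentation ranges) and the use of CIDR prefixes in place of wildcard masks are assumptions made for illustration.

```python
import ipaddress

def _net(addr):
    # "any" matches every address; otherwise a CIDR prefix stands in for address + wildcard.
    return ipaddress.ip_network("0.0.0.0/0" if addr == "any" else addr)

class Acl:
    """Simplified model of an advanced ACL evaluated in ascending rule-ID order."""

    def __init__(self, step=5):
        self.step = step
        self.rules = {}  # rule ID -> (action, protocol, source net, destination net, port)

    def add(self, action, proto, src="any", dst="any", dport=None, rule_id=None):
        if rule_id is None:
            # Auto-numbering: next multiple of the step above the highest existing ID.
            rule_id = (max(self.rules, default=0) // self.step + 1) * self.step
        self.rules[rule_id] = (action, proto, _net(src), _net(dst), dport)
        return rule_id

    def match(self, proto, src, dst, dport=None):
        """Return (rule ID, action) for the first rule that matches the packet."""
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for rid in sorted(self.rules):
            action, r_proto, r_src, r_dst, r_dport = self.rules[rid]
            if r_proto in ("ip", proto) and s in r_src and d in r_dst \
                    and r_dport in (None, dport):
                return rid, action
        return None, "no-match"

def build_example_acl():
    # Constructed addresses from the RFC 5737 documentation ranges.
    acl = Acl(step=5)
    acl.add("permit", "tcp", "192.0.2.10/32", "198.51.100.1/32", dport=23)  # rule 5
    acl.add("permit", "ip", "203.0.113.0/24")                                # rule 10
    acl.add("deny", "ip")                                                    # rule 15
    return acl

if __name__ == "__main__":
    acl = build_example_acl()
    print(acl.match("tcp", "192.0.2.10", "198.51.100.1", 23))
    print(acl.match("udp", "203.0.113.66", "198.51.100.1", 53))
    # The gap left by the step lets a narrower deny go in ahead of rule 10.
    acl.add("deny", "ip", "203.0.113.66/32", rule_id=7)
    print(acl.match("udp", "203.0.113.66", "198.51.100.1", 53))
```

Because evaluation stops at the first match, a narrow deny only takes effect if its rule ID is lower than that of any broader permit covering the same traffic.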

Author: Marcin Bialy