No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How Do I Restrict Access of Some Terminals to the Internet?

How Do I Restrict Access of Some Terminals to the Internet?

When an intranet host tries to access the Internet, NAT is required. To restrict the access rights of certain terminals, you can specify a range of source IP addresses that can be translated in the ACL rules bound to outbound NAT. The terminals whose IP addresses are not in this range cannot access the Internet. Alternatively, you can configure a range of source IP addresses that cannot be translated in ACL rules, and the terminals whose IP addresses are in this range cannot access the Internet.

Procedure

For example, allow access of hosts on the 192.168.10.0 network segment to the Internet, and deny access of hosts on the 192.168.20.0 network segment to the Internet.

<Huawei> system-view 
[Huawei] acl 2000
[Huawei-acl-basic-2000] rule 5 permit source 192.168.10.0 0.0.0.255
[Huawei-acl-basic-2000] rule 10 deny source 192.168.20.0 0.0.0.255
[Huawei-acl-basic-2000] quit
[Huawei] interface gigabitethernet 0/0/1     
[Huawei-GigabitEthernet0/0/1] nat outbound 2000   
Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 444693

Downloads: 4299

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next