Create Date: Mar 12 2013 1:37PM
If you have more than one IP to allow the standard policy ACLs are probably cleaner and easier to maintain. They're not difficult to set up. I use the command line editor via SSH to do my policy file editing (it's a built-in version of vi.)
1. edit policy ip-restriction
2. hit "i" to enter interactive mode, then paste the rule
3. hit esc, then type ZZ to save and quit the editor (like I said, it's vi, so editor commands are the same)
3a. [Optional, but recommended] check policy ip-restriction
4. configure access-list ip-restriction ports 1:5
Done. You can type "ls" into the main CLI to see all the policy files you have saved on the switch (it's a stripped-down, busybox-type linux shell.) You can also transfer files to the switch via TFTP or SFTP if you're more comfortable with that. I'm sure Ridgeline has something similar as well, and it's free for up to 10 switches, I just don't currently use it. Extreme Networks Policy Manager has a great wizard interface for constructing, editing, and exploring policy files, and can save them to a switch via TFTP when they're done. It's pretty simple, just a different workflow from Cisco/Juniper.
I'm not aware of a place to find many examples of these ACLs, but they're fairly straightforward. If you need a quick reference on what attributes you can match in a policy file, you can, from the CLI, type:
check policy attribute
then hit Tab for a complete list. Type in any of the attributes to get a description. (from Ansley_Barnes)
