There is a difference the way access profiles works for web access.
The http process can only have policies applied to it that are dynamic policies. Dynamic Policies are applied as single line items to the switch and not as policy files. You can also add counters to both Policy files and Dynamic Policies.
This is different then the method for telnet/SSH or SNMP
Suppose we have 4 IPs for which we want to allow http Access to the Switch.
IPs are like:
Then we have to create 5 rules like
create access-list IP-ONE " source-address 1.1..1.1/24; " "permit"
create access-list IP-TWO " source-address 126.96.36.199/24; " "permit"
create access-list IP-THREE " source-address 188.8.131.52/24; " "permit"
create access-list IP-FOUR " source-address 184.108.40.206/24; " "permit"
create access-list IP-OTHER " source-address 0.0.0.0/0; " "deny"
NOTE:RULE NAMES SHOULD BE DIFFERENT
Now we need to apply these rules to the web http
Configure web http access-profile add IP-ONE first
Configure web http access-profile add IP-TWO first
Configure web http access-profile add IP-THREE first
Configure web http access-profile add IP-FOUR first
Configure web http access-profile add IP-OTHER after IP-FOUR