8
CONTROLLING LOGIN USERS
Introduction A switch provides ways to control different types of login users, as listed in
Table 22 .
Controlling Telnet
Users
Prerequisites The controlling policy against Telnet users is determined, including the source and
destination IP addresses to be controlled and the controlling actions (permitting or
denying).
Controlling Telnet Users
by Source IP Addresses
Controlling Telnet users by source IP addresses is achieved by applying basic ACLs,
which are numbered from 2000 to 2999.
Table 22 Ways to control different types of login users
Login mode Control method Implementation Related section
Telnet By source IP addresses Through basic ACLs Section “Controlling Telnet
Users by Source IP Addresses”
on page 75.
By source and
destination IP
addresses
Through advanced
ACLs
Section “Controlling Telnet
Users by Source and
Destination IP Addresses” on
page 76.
By source MAC
addresses
Through Layer 2
ACLs
Section “Controlling Telnet
Users by Source MAC
Addresses” on page 76
SNMP By source IP addresses Through basic ACLs Section “Controlling Network
Management Users by Source
IP Addresses” on page 78
WEB By source IP addresses Through basic ACLs Section “Controlling Web
Users by Source IP Addresses”
on page 80
Disconnect Web users
by force
By executing
commands in CLI
Section “Disconnecting a
Web User by Force” on page
80.
To do… Use the command… Remarks
Enter system view system-view -
Create a basic ACL or enter
basic ACL view
acl [ ipv6 ] number
acl-number [ match-order
{ config | auto }]
As for the acl number
command, the config
keyword is specified by
default.
To Next Page
Loading...
