Operation Manual – Login
H3C S3600 Series Ethernet Switches-Release 1510 Chapter 8
User Control
8-4
Operation Command Description
Define rules for the
ACL
rule [ rule-id ] { permit |
deny } [ [ type protocol-type
type-mask | lsap lsap-type
type-mask ] | format-type |
cos cos | source
{ source-vlan-id |
source-mac-addr
source-mac-mask }* | dest
{ dest-mac-addr
dest-mac-mask } |
time-range name ]*
Required
You can define rules as
needed to filter by specific
source MAC addresses.
Quit to system view
quit
—
Enter user
interface view
user-interface [ type ]
first-number [ last-number ]
—
Apply the ACL to
control Telnet
users by specified
source MAC
addresses
acl acl-number { inbound |
outbound }
Required
The inbound keyword
specifies to filter the users
trying to Telnet to the current
switch.
The outbound keyword
specifies to filter users trying
to Telnet to other switches
from the current switch.
8.2.5 Configuration Example
I. Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46
are permitted to log into the switch.
II. Network diagram
Internet
Sw itc h
Internet
Sw itc h
s
Figure 8-1 Network diagram for controlling Telnet users using ACL
III. Configuration procedure
# Define a basic ACL.
To Next Page
Loading...
Need help?
General