9-3
To do… Use the command… Remarks
Apply a
basic or
advanced
ACL to
control
Telnet users
acl acl-number { inbound |
outbound }
Apply an
ACL to
control
Telnet users
by ACL
Apply a
Layer 2 ACL
to control
Telnet users
acl acl-number inbound
Required
Use either command
z The inbound keyword specifies to
filter the users trying to Telnet to
the current switch.
z The outbound keyword specifies
to filter users trying to Telnet to
other switches from the current
switch.
Configuration Example
Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 are permitted to access the
switch.
Network diagram
Switch
10.110.100.46
Host A
IP network
Host B
10.110.100.52
Figure 9-1 Network diagram for controlling Telnet users using ACLs
Configuration procedure
# Define a basic ACL.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] quit
# Apply the ACL.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
Controlling Network Management Users by Source IP Addresses
You can manage an S5100-SI/EI Ethernet switch through network management software.
Network management users can access switches through SNMP.
You need to perform the following two operations to control network management users by source
IP addresses.
To Next Page
Loading...
