5-4
Layer 2 ACL is invalid for this function if the source IP address of the Telnet client and the interface IP
address of the Telnet server are not in the same subnet.
Configuration Example
Network requirements
Only the Telnet users sourced from the IP addresses of 10.110.100.52 and 10.110.100.46 are permitted
to log in to the AP.
Figure 5-1 Network diagram for controlling Telnet users using ACLs
Configuration procedure
# Define a basic ACL.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] rule 3 deny source any
[Sysname-acl-basic-2000] quit
# Apply the ACL to only permit Telnet users sourced from the IP addresses of 10.110.100.52 and
10.110.100.46 to access the AP.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
Controlling Network Management Users by Source IP Addresses
You can manage a WA series WLAN access point through network management software. Network
management users can access APs through SNMP.
Perform the following two operations to control network management users by source IP addresses.
z Defining an ACL
z Applying the ACL to control users accessing the access point through SNMP
To Next Page
Loading...
Need help?
General
