59
Configuring source MAC-based Telnet login control
Ethernet frame header ACLs apply to Telnet traffic only if the Telnet client and server are located in the
same subnet.
To configure source MAC-based Telnet login control:
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Create an Ethernet frame
header ACL and enter its
view.
acl number acl-number [ name
name ] [ match-order { config |
auto } ]
By default, no Ethernet frame
header ACL exists.
3. Configure an ACL rule.
rule [ rule-id ] { permit | deny }
rule-string
N/A
4. Exit Ethernet frame header
ACL view.
quit N/A
5. Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A
6. Use the ACL to control user
logins by source MAC
address.
acl acl-number inbound inbound: Filters incoming packets.
Telnet login control configuration example
Network requirements
As shown in Figure 23, configure an ACL on the device to permit only incoming Telnet packets sourced
from Host A and Host B.
Figure 23 Network diagram
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
To Next Page
Loading...
Need help?
General
