78
Ste
Command
Remarks
4. Exit the basic ACL view.
quit —
5. Enter user interface view.
user-interface [ type ]
first-number [ last-number ]
—
6. Use the ACL to control user login by
source IP address.
acl [ ipv6 ] acl-number
{ inbound | outbound }
Required.
• inbound—Filters incoming
Telnet packets.
• outbound—Filters
outgoing Telnet packets.
Configuring source and destination IP-based login control over
Telnet users
Because advanced ACLs can match both source and destination IP addresses of packets, use advanced
ACLs to implement source and destination IP-based login control over Telnet users. Advanced ACLs are
numbered from 3000 to 3999. For more information about ACL, see ACL and QoS Configuration Guide.
To configure source and destination IP-based login control over Telnet users:
Ste
Command
Remarks
1. Enter system view.
system-view —
2. Create an advanced ACL and enter its
view, or enter the view of an existing
advanced ACL.
acl [ ipv6 ] number
acl-number [ match-order
{ config | auto } ]
Required.
By default, no advanced ACL
exists.
3. Configure rules for the ACL.
rule [ rule-id ] { permit |
deny } rule-string
Required.
4. Exit advanced ACL view. quit —
5. Enter user interface.
user-interface [ type ]
first-number [ last-number ]
—
6. Use the ACL to control user login by
source and destination IP addresses.
acl [ ipv6 ] acl-number
{ inbound | outbound }
Required.
• inbound—Filters incoming
Telnet packets.
• outbound—Filters outgoing
Telnet packets.
Configuring source MAC-based login control over Telnet users
Ethernet frame header ACLs can match the source MAC addresses of packets, so use Ethernet frame header
ACLs to implement source MAC-based login control over Telnet users. Ethernet frame header ACLs are
numbered from 4000 to 4999. For more information about ACL, see ACL and QoS Configuration Guide.
To Next Page
Loading...
Need help?
General
