37
Configure the device to permit only Telnet packets sourced from Host A and Host B.
Figure 15 Network diagram
Configuration procedure
# Configure an ACL to permit packets sourced from Host A and Host B.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit
# Apply the ACL to filter Telnet logins.
[Sysname] telnet server acl 2000
Controlling SNMP access
Use a basic ACL (2000 to 2999) to control SNMP access by source IP address. To access the
requested MIB view, an NMS must use a source IP address permitted by the ACL.
Configuration procedure
To control SNMPv1 or SNMPv2c access, configure ACLs and perform the following tasks:
3.
system-view
N/A
4.
Configure the
SNMP access
right.
• (Method 1.) Create an SNMP community and specify
ACLs for the community:
In VACM mode:
snmp-agent community { read | write } [ simple |
cipher ] community-name [ mib-view view-name ]
[ acl acl-number | acl ipv6 ipv6-acl-number ] *
In RBAC mode:
snmp-agent community [ simple | cipher ]
community-name user-role role-name [ acl
acl-number | acl ipv6 ipv6-acl-number ] *
• (Method 2.) Create an SNMPv1/v2c group and add a
user to the group
, specifying ACLs for the group and
user:
a. snmp-agent group { v1 | v2c } group-name
F
information about
Network
Monitoring
Configuration
Guide.
Host B
10.110.100.52
Device
IP network
Host A
10.110.100.46
To Next Page
Loading...
